Vulnerabilites related to sgi - propack
CVE-2004-1184 (GCVE-0-2004-1184)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:11.489Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:9658", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658" }, { "name": "FLSA:152892", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded" }, { "name": "12329", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12329" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDKSA-2005:033", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" }, { "name": "USN-68-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/68-1/" }, { "name": "1012965", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1012965" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/35074" }, { "name": "DSA-654", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-654" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "20060526 rPSA-2006-0083-1 enscript", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "RHSA-2005:040", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html" }, { "name": "GLSA-200502-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" }, { "name": "enscript-epsf-command-ececution(19012)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-01-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:9658", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658" }, { "name": "FLSA:152892", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded" }, { "name": "12329", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12329" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDKSA-2005:033", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" }, { "name": "USN-68-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/68-1/" }, { "name": "1012965", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1012965" }, { "name": "35074", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/35074" }, { "name": "DSA-654", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-654" }, { "name": "APPLE-SA-2009-05-12", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "20060526 rPSA-2006-0083-1 enscript", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded" }, { "name": "TA09-133A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "RHSA-2005:040", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html" }, { "name": "GLSA-200502-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" }, { "name": "enscript-epsf-command-ececution(19012)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:9658", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658" }, { "name": "FLSA:152892", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded" }, { "name": "12329", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12329" }, { "name": "http://support.apple.com/kb/HT3549", "refsource": "CONFIRM", "url": "http://support.apple.com/kb/HT3549" }, { "name": "MDKSA-2005:033", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" }, { "name": "USN-68-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/68-1/" }, { "name": "1012965", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1012965" }, { "name": "35074", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35074" }, { "name": "DSA-654", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-654" }, { "name": "APPLE-SA-2009-05-12", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "name": "20060526 rPSA-2006-0083-1 enscript", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded" }, { "name": "TA09-133A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "name": "ADV-2009-1297", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "name": "RHSA-2005:040", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html" }, { "name": "GLSA-200502-03", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" }, { "name": "enscript-epsf-command-ececution(19012)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1184", "datePublished": "2005-01-29T05:00:00", "dateReserved": "2004-12-13T00:00:00", "dateUpdated": "2024-08-08T00:46:11.489Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0506 (GCVE-0-2004-0506)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.171Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "oval:org.mitre.oval:def:987", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A987" }, { "name": "oval:org.mitre.oval:def:9695", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9695" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "ethereal-spnego-dos(16151)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16151" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1010158" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "oval:org.mitre.oval:def:987", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A987" }, { "name": "oval:org.mitre.oval:def:9695", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9695" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "ethereal-spnego-dos(16151)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16151" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1010158" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0506", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "11776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11836" }, { "name": "http://www.ethereal.com/appnotes/enpa-sa-00014.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "oval:org.mitre.oval:def:987", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A987" }, { "name": "oval:org.mitre.oval:def:9695", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9695" }, { "name": "O-150", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "ethereal-spnego-dos(16151)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16151" }, { "name": "GLSA-200406-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010158" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0506", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-01T00:00:00", "dateUpdated": "2024-08-08T00:17:15.171Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1471 (GCVE-0-2004-1471)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://security.e-matters.de/advisories/092004.html | x_refsource_MISC | |
http://www.securityfocus.com/bid/10499 | vdb-entry, x_refsource_BID | |
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc | vendor-advisory, x_refsource_FREEBSD | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 | vdb-entry, x_refsource_XF | |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:53:23.983Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "10499", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10499" }, { "name": "FreeBSD-SA-04:14", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc" }, { "name": "cvs-wrapper-format-string(16365)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "10499", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10499" }, { "name": "FreeBSD-SA-04:14", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc" }, { "name": "cvs-wrapper-format-string(16365)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1471", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://security.e-matters.de/advisories/092004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "10499", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10499" }, { "name": "FreeBSD-SA-04:14", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc" }, { "name": "cvs-wrapper-format-string(16365)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1471", "datePublished": "2005-02-13T05:00:00", "dateReserved": "2005-02-13T00:00:00", "dateUpdated": "2024-08-08T00:53:23.983Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0605 (GCVE-0-2005-0605)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:21:06.249Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:331", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html" }, { "name": "RHSA-2005:412", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html" }, { "name": "1013339", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1013339" }, { "name": "18049", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18049" }, { "name": "20060403-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" }, { "name": "SCOSA-2006.5", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598" }, { "name": "GLSA-200503-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" }, { "name": "DSA-723", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-723" }, { "name": "19624", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19624" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "18316", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18316" }, { "name": "14460", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/14460" }, { "name": "RHSA-2005:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html" }, { "name": "FLSA-2006:152803", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" }, { "name": "RHSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html" }, { "name": "GLSA-200503-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml" }, { "name": "12714", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12714" }, { "name": "RHSA-2008:0261", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655" }, { "name": "RHSA-2005:473", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "SCOSA-2005.57", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" }, { "name": "USN-97-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/97-1/" }, { "name": "oval:org.mitre.oval:def:10411", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" }, { "name": "USN-92-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/92-1/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-01T00:00:00", "descriptions": [ { "lang": "en", "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2005:331", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html" }, { "name": "RHSA-2005:412", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html" }, { "name": "1013339", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1013339" }, { "name": "18049", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18049" }, { "name": "20060403-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" }, { "name": "SCOSA-2006.5", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598" }, { "name": "GLSA-200503-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" }, { "name": "DSA-723", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-723" }, { "name": "19624", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19624" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "18316", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18316" }, { "name": "14460", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/14460" }, { "name": "RHSA-2005:198", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html" }, { "name": "FLSA-2006:152803", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" }, { "name": "RHSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html" }, { "name": "GLSA-200503-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml" }, { "name": "12714", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12714" }, { "name": "RHSA-2008:0261", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655" }, { "name": "RHSA-2005:473", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "SCOSA-2005.57", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" }, { "name": "USN-97-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/97-1/" }, { "name": "oval:org.mitre.oval:def:10411", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" }, { "name": "USN-92-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/92-1/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0605", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2005:331", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html" }, { "name": "RHSA-2005:412", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html" }, { "name": "1013339", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1013339" }, { "name": "18049", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18049" }, { "name": "20060403-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" }, { "name": "SCOSA-2006.5", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=83598", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598" }, { "name": "GLSA-200503-15", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" }, { "name": "DSA-723", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-723" }, { "name": "19624", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19624" }, { "name": "https://bugs.freedesktop.org/attachment.cgi?id=1909", "refsource": "CONFIRM", "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909" }, { "name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "18316", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18316" }, { "name": "14460", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14460" }, { "name": "RHSA-2005:198", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html" }, { "name": "FLSA-2006:152803", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" }, { "name": "RHSA-2005:044", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html" }, { "name": "GLSA-200503-08", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml" }, { "name": "12714", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12714" }, { "name": "RHSA-2008:0261", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=83655", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655" }, { "name": "RHSA-2005:473", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html" }, { "name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "SCOSA-2005.57", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" }, { "name": "USN-97-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/97-1/" }, { "name": "oval:org.mitre.oval:def:10411", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" }, { "name": "USN-92-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/92-1/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0605", "datePublished": "2005-03-04T05:00:00", "dateReserved": "2005-03-01T00:00:00", "dateUpdated": "2024-08-07T21:21:06.249Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0156 (GCVE-0-2005-0156)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:05:24.911Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt" }, { "name": "12426", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12426" }, { "name": "RHSA-2005:105", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-105.html" }, { "name": "14120", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/14120" }, { "name": "2005-0003", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "RHSA-2005:103", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-103.html" }, { "name": "oval:org.mitre.oval:def:10803", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803" }, { "name": "55314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/55314" }, { "name": "20050202 [USN-72-1] Perl vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2" }, { "name": "CLSA-2006:1056", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056" }, { "name": "FLSA-2006:152845", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "MDKSA-2005:031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031" }, { "name": "perl-perliodebug-bo(19208)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208" }, { "name": "GLSA-200502-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-02T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt" }, { "name": "12426", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12426" }, { "name": "RHSA-2005:105", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-105.html" }, { "name": "14120", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/14120" }, { "name": "2005-0003", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "RHSA-2005:103", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-103.html" }, { "name": "oval:org.mitre.oval:def:10803", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803" }, { "name": "55314", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/55314" }, { "name": "20050202 [USN-72-1] Perl vulnerabilities", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2" }, { "name": "CLSA-2006:1056", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056" }, { "name": "FLSA-2006:152845", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "MDKSA-2005:031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031" }, { "name": "perl-perliodebug-bo(19208)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208" }, { "name": "GLSA-200502-13", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0156", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20050207 DMA[2005-0131b] - \u0027Setuid Perl PERLIO_DEBUG", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2" }, { "name": "http://www.digitalmunition.com/DMA[2005-0131b].txt", "refsource": "MISC", "url": "http://www.digitalmunition.com/DMA[2005-0131b].txt" }, { "name": "12426", "refsource": "BID", "url": "http://www.securityfocus.com/bid/12426" }, { "name": "RHSA-2005:105", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-105.html" }, { "name": "14120", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/14120" }, { "name": "2005-0003", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0003/" }, { "name": "RHSA-2005:103", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-103.html" }, { "name": "oval:org.mitre.oval:def:10803", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803" }, { "name": "55314", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/55314" }, { "name": "20050202 [USN-72-1] Perl vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2" }, { "name": "CLSA-2006:1056", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056" }, { "name": "FLSA-2006:152845", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "name": "MDKSA-2005:031", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031" }, { "name": "perl-perliodebug-bo(19208)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208" }, { "name": "GLSA-200502-13", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0156", "datePublished": "2005-02-07T05:00:00", "dateReserved": "2005-01-27T00:00:00", "dateUpdated": "2024-08-07T21:05:24.911Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0104 (GCVE-0-2004-0104)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.709Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "metamail-printheader-format-string(15259)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259" }, { "name": "DSA-449", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "O-083", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9692" }, { "name": "10908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10908" }, { "name": "MDKSA-2004:014", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "metamail-contenttype-format-string(15245)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245" }, { "name": "RHSA-2004:073", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "VU#518518", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/518518" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-02-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "metamail-printheader-format-string(15259)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259" }, { "name": "DSA-449", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "O-083", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9692" }, { "name": "10908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10908" }, { "name": "MDKSA-2004:014", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "metamail-contenttype-format-string(15245)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245" }, { "name": "RHSA-2004:073", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "VU#518518", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/518518" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0104", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "metamail-printheader-format-string(15259)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259" }, { "name": "DSA-449", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "O-083", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9692" }, { "name": "10908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10908" }, { "name": "MDKSA-2004:014", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "metamail-contenttype-format-string(15245)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245" }, { "name": "RHSA-2004:073", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "VU#518518", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/518518" }, { "name": "20040218 metamail format string bugs and buffer overflows", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0104", "datePublished": "2004-02-19T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.709Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0417 (GCVE-0-2004-0417)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145 | vdb-entry, signature, x_refsource_OVAL | |
http://www.debian.org/security/2004/dsa-519 | vendor-advisory, x_refsource_DEBIAN | |
http://security.e-matters.de/advisories/092004.html | x_refsource_MISC | |
ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc | vendor-advisory, x_refsource_SGI | |
http://marc.info/?l=bugtraq&m=108716553923643&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.redhat.com/support/errata/RHSA-2004-233.html | vendor-advisory, x_refsource_REDHAT | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:058 | vendor-advisory, x_refsource_MANDRAKE | |
http://security.gentoo.org/glsa/glsa-200406-06.xml | vendor-advisory, x_refsource_GENTOO | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001 | vdb-entry, signature, x_refsource_OVAL | |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html | mailing-list, x_refsource_FULLDISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11145", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145" }, { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "oval:org.mitre.oval:def:1001", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11145", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145" }, { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "oval:org.mitre.oval:def:1001", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0417", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11145", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145" }, { "name": "DSA-519", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-519" }, { "name": "http://security.e-matters.de/advisories/092004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "oval:org.mitre.oval:def:1001", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0417", "datePublished": "2004-06-11T04:00:00", "dateReserved": "2004-04-16T00:00:00", "dateUpdated": "2024-08-08T00:17:14.946Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0108 (GCVE-0-2004-0108)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc | vendor-advisory, x_refsource_SGI | |
http://www.redhat.com/support/errata/RHSA-2004-053.html | vendor-advisory, x_refsource_REDHAT | |
http://www.debian.org/security/2004/dsa-460 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securityfocus.com/bid/9844 | vdb-entry, x_refsource_BID | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15437 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.343Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040302-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "RHSA-2004:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "DSA-460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-460" }, { "name": "9844", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9844" }, { "name": "sysstat-isag-symlink(15437)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15437" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-07-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040302-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "RHSA-2004:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "DSA-460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-460" }, { "name": "9844", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9844" }, { "name": "sysstat-isag-symlink(15437)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15437" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0108", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040302-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "RHSA-2004:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "DSA-460", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-460" }, { "name": "9844", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9844" }, { "name": "sysstat-isag-symlink(15437)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15437" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0108", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.343Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0991 (GCVE-0-2003-0991)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc | vendor-advisory, x_refsource_SGI | |
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000842 | vendor-advisory, x_refsource_CONECTIVA | |
http://www.debian.org/security/2004/dsa-436 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securityfocus.com/bid/9620 | vdb-entry, x_refsource_BID | |
http://www.redhat.com/support/errata/RHSA-2004-019.html | vendor-advisory, x_refsource_REDHAT | |
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013 | vendor-advisory, x_refsource_MANDRAKE | |
http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html | mailing-list, x_refsource_MLIST | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15106 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:12:35.459Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" }, { "name": "CLA-2004:842", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842" }, { "name": "DSA-436", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-436" }, { "name": "9620", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9620" }, { "name": "RHSA-2004:019", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-019.html" }, { "name": "MDKSA-2004:013", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013" }, { "name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html" }, { "name": "mailman-command-handler-dos(15106)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-02-08T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-11-13T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" }, { "name": "CLA-2004:842", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842" }, { "name": "DSA-436", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-436" }, { "name": "9620", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9620" }, { "name": "RHSA-2004:019", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-019.html" }, { "name": "MDKSA-2004:013", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013" }, { "name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html" }, { "name": "mailman-command-handler-dos(15106)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0991", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040201-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" }, { "name": "CLA-2004:842", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842" }, { "name": "DSA-436", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-436" }, { "name": "9620", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9620" }, { "name": "RHSA-2004:019", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-019.html" }, { "name": "MDKSA-2004:013", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013" }, { "name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release", "refsource": "MLIST", "url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html" }, { "name": "mailman-command-handler-dos(15106)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0991", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2003-12-16T00:00:00", "dateUpdated": "2024-08-08T02:12:35.459Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0110 (GCVE-0-2004-0110)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.262Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11626", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626" }, { "name": "oval:org.mitre.oval:def:875", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875" }, { "name": "20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107851606605420\u0026w=2" }, { "name": "RHSA-2004:090", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-090.html" }, { "name": "libxml2-nanoftp-bo(15302)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15302" }, { "name": "RHSA-2004:091", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-091.html" }, { "name": "9718", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9718" }, { "name": "DSA-455", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-455" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.xmlsoft.org/news.html" }, { "name": "RHSA-2004:650", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-650.html" }, { "name": "O-086", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-086.shtml" }, { "name": "oval:org.mitre.oval:def:833", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833" }, { "name": "10958", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10958/" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "GLSA-200403-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-01.xml" }, { "name": "VU#493966", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/493966" }, { "name": "20040306 TSLSA-2004-0010 - libxml2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107860178228804\u0026w=2" }, { "name": "libxml2-nanohttp-bo(15301)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15301" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-02-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11626", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626" }, { "name": "oval:org.mitre.oval:def:875", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875" }, { "name": "20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107851606605420\u0026w=2" }, { "name": "RHSA-2004:090", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-090.html" }, { "name": "libxml2-nanoftp-bo(15302)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15302" }, { "name": "RHSA-2004:091", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-091.html" }, { "name": "9718", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9718" }, { "name": "DSA-455", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-455" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.xmlsoft.org/news.html" }, { "name": "RHSA-2004:650", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-650.html" }, { "name": "O-086", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-086.shtml" }, { "name": "oval:org.mitre.oval:def:833", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833" }, { "name": "10958", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10958/" }, { "name": "SUSE-SR:2005:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "GLSA-200403-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-01.xml" }, { "name": "VU#493966", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/493966" }, { "name": "20040306 TSLSA-2004-0010 - libxml2", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107860178228804\u0026w=2" }, { "name": "libxml2-nanohttp-bo(15301)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15301" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0110", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11626", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626" }, { "name": "oval:org.mitre.oval:def:875", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875" }, { "name": "20040305 [OpenPKG-SA-2004.003] OpenPKG Security Advisory (libxml)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107851606605420\u0026w=2" }, { "name": "RHSA-2004:090", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-090.html" }, { "name": "libxml2-nanoftp-bo(15302)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15302" }, { "name": "RHSA-2004:091", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-091.html" }, { "name": "9718", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9718" }, { "name": "DSA-455", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-455" }, { "name": "http://www.xmlsoft.org/news.html", "refsource": "CONFIRM", "url": "http://www.xmlsoft.org/news.html" }, { "name": "RHSA-2004:650", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-650.html" }, { "name": "O-086", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-086.shtml" }, { "name": "oval:org.mitre.oval:def:833", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833" }, { "name": "10958", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10958/" }, { "name": "SUSE-SR:2005:001", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "name": "GLSA-200403-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-01.xml" }, { "name": "VU#493966", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/493966" }, { "name": "20040306 TSLSA-2004-0010 - libxml2", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107860178228804\u0026w=2" }, { "name": "libxml2-nanohttp-bo(15301)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15301" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0110", "datePublished": "2004-03-04T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.262Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0398 (GCVE-0-2005-0398)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view | x_refsource_MISC | |
http://www.mandriva.com/security/advisories?name=MDKSA-2005:062 | vendor-advisory, x_refsource_MANDRAKE | |
http://security.gentoo.org/glsa/glsa-200503-33.xml | vendor-advisory, x_refsource_GENTOO | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/19707 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/12804 | vdb-entry, x_refsource_BID | |
http://www.vupen.com/english/advisories/2005/0264 | vdb-entry, x_refsource_VUPEN | |
http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000 | mailing-list, x_refsource_MLIST | |
http://secunia.com/advisories/14584 | third-party-advisory, x_refsource_SECUNIA | |
http://www.redhat.com/support/errata/RHSA-2005-232.html | vendor-advisory, x_refsource_REDHAT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028 | vdb-entry, signature, x_refsource_OVAL | |
http://securitytracker.com/id?1013433 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:13:54.134Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966\u0026action=view" }, { "name": "MDKSA-2005:062", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:062" }, { "name": "GLSA-200503-33", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200503-33.xml" }, { "name": "racoon-isakmp-header-dos(19707)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19707" }, { "name": "12804", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12804" }, { "name": "ADV-2005-0264", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2005/0264" }, { "name": "[ipsec-tools-devel] 20050312 potential remote crash in racoon", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=6787713\u0026forum_id=32000" }, { "name": "14584", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/14584" }, { "name": "RHSA-2005:232", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-232.html" }, { "name": "oval:org.mitre.oval:def:10028", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028" }, { "name": "1013433", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1013433" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966\u0026action=view" }, { "name": "MDKSA-2005:062", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:062" }, { "name": "GLSA-200503-33", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200503-33.xml" }, { "name": "racoon-isakmp-header-dos(19707)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19707" }, { "name": "12804", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12804" }, { "name": "ADV-2005-0264", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2005/0264" }, { "name": "[ipsec-tools-devel] 20050312 potential remote crash in racoon", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=6787713\u0026forum_id=32000" }, { "name": "14584", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/14584" }, { "name": "RHSA-2005:232", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-232.html" }, { "name": "oval:org.mitre.oval:def:10028", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028" }, { "name": "1013433", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1013433" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-0398", "datePublished": "2005-03-26T05:00:00", "dateReserved": "2005-02-14T00:00:00", "dateUpdated": "2024-08-07T21:13:54.134Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1142 (GCVE-0-2004-1142)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.905Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "DSA-613", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-613" }, { "name": "11943", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11943" }, { "name": "oval:org.mitre.oval:def:11278", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278" }, { "name": "FLSA-2006:152922", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "name": "ethereal-smb-dos(18488)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18488" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "DSA-613", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-613" }, { "name": "11943", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11943" }, { "name": "oval:org.mitre.oval:def:11278", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278" }, { "name": "FLSA-2006:152922", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "name": "ethereal-smb-dos(18488)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18488" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1142", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.ethereal.com/appnotes/enpa-sa-00016.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "DSA-613", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-613" }, { "name": "11943", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11943" }, { "name": "oval:org.mitre.oval:def:11278", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278" }, { "name": "FLSA-2006:152922", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "name": "ethereal-smb-dos(18488)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18488" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1142", "datePublished": "2004-12-31T05:00:00", "dateReserved": "2004-12-06T00:00:00", "dateUpdated": "2024-08-08T00:39:00.905Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0523 (GCVE-0-2004-0523)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:25.838Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CLA-2004:860", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000860" }, { "name": "FEDORA-2004-149", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lwn.net/Articles/88206/" }, { "name": "RHSA-2004:236", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-236.html" }, { "name": "oval:org.mitre.oval:def:991", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991" }, { "name": "DSA-520", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-520" }, { "name": "oval:org.mitre.oval:def:724", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724" }, { "name": "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108612325909496\u0026w=2" }, { "name": "VU#686862", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/686862" }, { "name": "GLSA-200406-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "Kerberos-krb5anametolocalname-bo(16268)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268" }, { "name": "20040602 TSSA-2004-009 - kerberos5", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108619161815320\u0026w=2" }, { "name": "MDKSA-2004:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056" }, { "name": "101512", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1" }, { "name": "2004-0032", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108619250923790\u0026w=2" }, { "name": "10448", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10448" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:2002", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002" }, { "name": "oval:org.mitre.oval:def:10295", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-01T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CLA-2004:860", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000860" }, { "name": "FEDORA-2004-149", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lwn.net/Articles/88206/" }, { "name": "RHSA-2004:236", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-236.html" }, { "name": "oval:org.mitre.oval:def:991", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991" }, { "name": "DSA-520", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-520" }, { "name": "oval:org.mitre.oval:def:724", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724" }, { "name": "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108612325909496\u0026w=2" }, { "name": "VU#686862", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/686862" }, { "name": "GLSA-200406-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "Kerberos-krb5anametolocalname-bo(16268)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268" }, { "name": "20040602 TSSA-2004-009 - kerberos5", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108619161815320\u0026w=2" }, { "name": "MDKSA-2004:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056" }, { "name": "101512", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1" }, { "name": "2004-0032", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://marc.info/?l=bugtraq\u0026m=108619250923790\u0026w=2" }, { "name": "10448", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10448" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:2002", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002" }, { "name": "oval:org.mitre.oval:def:10295", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0523", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CLA-2004:860", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000860" }, { "name": "FEDORA-2004-149", "refsource": "FEDORA", "url": "http://lwn.net/Articles/88206/" }, { "name": "RHSA-2004:236", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-236.html" }, { "name": "oval:org.mitre.oval:def:991", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991" }, { "name": "DSA-520", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-520" }, { "name": "oval:org.mitre.oval:def:724", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724" }, { "name": "20040601 MITKRB5-SA-2004-001: buffer overflows in krb5_aname_to_localname", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108612325909496\u0026w=2" }, { "name": "VU#686862", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/686862" }, { "name": "GLSA-200406-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "Kerberos-krb5anametolocalname-bo(16268)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268" }, { "name": "20040602 TSSA-2004-009 - kerberos5", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108619161815320\u0026w=2" }, { "name": "MDKSA-2004:056", "refsource": "MANDRAKE", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056" }, { "name": "101512", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1" }, { "name": "2004-0032", "refsource": "TRUSTIX", "url": "http://marc.info/?l=bugtraq\u0026m=108619250923790\u0026w=2" }, { "name": "10448", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10448" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:2002", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002" }, { "name": "oval:org.mitre.oval:def:10295", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0523", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-03T00:00:00", "dateUpdated": "2024-08-08T00:24:25.838Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0235 (GCVE-0-2004-0235)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.724Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "CLA-2004:840", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "FEDORA-2004-119", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "10243", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10243" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "lha-directory-traversal(16013)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "name": "RHSA-2004:179", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "name": "FLSA:1833", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "oval:org.mitre.oval:def:978", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978" }, { "name": "oval:org.mitre.oval:def:10409", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "CLA-2004:840", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "FEDORA-2004-119", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "10243", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10243" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "lha-directory-traversal(16013)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "name": "RHSA-2004:179", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "name": "FLSA:1833", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "oval:org.mitre.oval:def:978", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978" }, { "name": "oval:org.mitre.oval:def:10409", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0235", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "CLA-2004:840", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "FEDORA-2004-119", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "10243", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10243" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "lha-directory-traversal(16013)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "name": "RHSA-2004:179", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "name": "FLSA:1833", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "oval:org.mitre.oval:def:978", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978" }, { "name": "oval:org.mitre.oval:def:10409", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0235", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.724Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0232 (GCVE-0-2004-0232)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16021 | vdb-entry, x_refsource_XF | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.655Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-format-string(16021)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-format-string(16021)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0232", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SuSE-SA:2004:012", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-format-string(16021)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021" }, { "name": "MDKSA-2004:039", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0232", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.655Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0521 (GCVE-0-2004-0521)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.247Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/12289" }, { "name": "10397", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10397" }, { "name": "oval:org.mitre.oval:def:11446", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446" }, { "name": "6841", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6841" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11686", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11686" }, { "name": "11685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11685" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11870" }, { "name": "[squirrelmail-cvs] 20040427 [SM-CVS] CVS: squirrelmail/functions abook_database.php,1.15.2.1,1.15.2.2", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108309375029888" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "squirrelmail-sql-injection(16235)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16235" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "[squirrelmail-devel] 20040511 [SM-DEVEL] SquirrelMail 1.4.3-RC1 Release", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "name": "oval:org.mitre.oval:def:1033", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "APPLE-SA-2004-09-07", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/7148" }, { "name": "O-212", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-212.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-11T00:00:00", "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/12289" }, { "name": "10397", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10397" }, { "name": "oval:org.mitre.oval:def:11446", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446" }, { "name": "6841", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6841" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11686", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11686" }, { "name": "11685", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11685" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11870" }, { "name": "[squirrelmail-cvs] 20040427 [SM-CVS] CVS: squirrelmail/functions abook_database.php,1.15.2.1,1.15.2.2", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108309375029888" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "squirrelmail-sql-injection(16235)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16235" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "[squirrelmail-devel] 20040511 [SM-DEVEL] SquirrelMail 1.4.3-RC1 Release", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "name": "oval:org.mitre.oval:def:1033", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "APPLE-SA-2004-09-07", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://www.securityfocus.com/advisories/7148" }, { "name": "O-212", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-212.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0521", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "12289", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12289" }, { "name": "10397", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10397" }, { "name": "oval:org.mitre.oval:def:11446", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446" }, { "name": "6841", "refsource": "OSVDB", "url": "http://www.osvdb.org/6841" }, { "name": "FEDORA-2004-160", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11686", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11686" }, { "name": "11685", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11685" }, { "name": "11870", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11870" }, { "name": "[squirrelmail-cvs] 20040427 [SM-CVS] CVS: squirrelmail/functions abook_database.php,1.15.2.1,1.15.2.2", "refsource": "MLIST", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108309375029888" }, { "name": "DSA-535", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "squirrelmail-sql-injection(16235)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16235" }, { "name": "FEDORA-2004-1733", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "[squirrelmail-devel] 20040511 [SM-DEVEL] SquirrelMail 1.4.3-RC1 Release", "refsource": "MLIST", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "name": "oval:org.mitre.oval:def:1033", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "APPLE-SA-2004-09-07", "refsource": "APPLE", "url": "http://www.securityfocus.com/advisories/7148" }, { "name": "O-212", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-212.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0521", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-02T00:00:00", "dateUpdated": "2024-08-08T00:17:15.247Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0416 (GCVE-0-2004-0416)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.603Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10070", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:994", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10070", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:994", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0416", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-519", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-519" }, { "name": "http://security.e-matters.de/advisories/092004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "oval:org.mitre.oval:def:10070", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070" }, { "name": "RHSA-2004:233", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "oval:org.mitre.oval:def:994", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0416", "datePublished": "2004-06-11T04:00:00", "dateReserved": "2004-04-16T00:00:00", "dateUpdated": "2024-08-08T00:17:14.603Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0505 (GCVE-0-2004-0505)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.245Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11608" }, { "name": "oval:org.mitre.oval:def:986", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A986" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "6132", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6132" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1010158" }, { "name": "oval:org.mitre.oval:def:9433", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9433" }, { "name": "ethereal-aim-dissector-dos(16150)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16150" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11608" }, { "name": "oval:org.mitre.oval:def:986", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A986" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "6132", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6132" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1010158" }, { "name": "oval:org.mitre.oval:def:9433", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9433" }, { "name": "ethereal-aim-dissector-dos(16150)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16150" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0505", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "11776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11608" }, { "name": "oval:org.mitre.oval:def:986", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A986" }, { "name": "11836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11836" }, { "name": "http://www.ethereal.com/appnotes/enpa-sa-00014.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "6132", "refsource": "OSVDB", "url": "http://www.osvdb.org/6132" }, { "name": "GLSA-200406-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010158" }, { "name": "oval:org.mitre.oval:def:9433", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9433" }, { "name": "ethereal-aim-dissector-dos(16150)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16150" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0505", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-01T00:00:00", "dateUpdated": "2024-08-08T00:17:15.245Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0859 (GCVE-0-2003-0859)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337 | vdb-entry, signature, x_refsource_OVAL | |
http://www.redhat.com/support/errata/RHSA-2003-325.html | vendor-advisory, x_refsource_REDHAT | |
http://www.redhat.com/support/errata/RHSA-2003-334.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:05:12.613Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11337", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337" }, { "name": "RHSA-2003:325", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-325.html" }, { "name": "RHSA-2003:334", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-334.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11337", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337" }, { "name": "RHSA-2003:325", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-325.html" }, { "name": "RHSA-2003:334", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-334.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0859", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11337", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337" }, { "name": "RHSA-2003:325", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-325.html" }, { "name": "RHSA-2003:334", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-334.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0859", "datePublished": "2003-11-18T05:00:00", "dateReserved": "2003-10-10T00:00:00", "dateUpdated": "2024-08-08T02:05:12.613Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0492 (GCVE-0-2004-0492)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.109Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2" }, { "name": "FLSA:1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737" }, { "name": "RHSA-2004:245", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "name": "SSRT090208", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.guninski.com/modproxy1.html" }, { "name": "57628", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" }, { "name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html" }, { "name": "oval:org.mitre.oval:def:100112", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112" }, { "name": "MDKSA-2004:065", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065" }, { "name": "oval:org.mitre.oval:def:4863", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863" }, { "name": "101555", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-525" }, { "name": "HPSBOV02683", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "VU#541310", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/541310" }, { "name": "101841", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1" }, { "name": "11841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11841" }, { "name": "apache-modproxy-contentlength-bo(16387)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-06T10:08:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2" }, { "name": "FLSA:1737", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737" }, { "name": "RHSA-2004:245", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "name": "SSRT090208", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.guninski.com/modproxy1.html" }, { "name": "57628", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" }, { "name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html" }, { "name": "oval:org.mitre.oval:def:100112", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112" }, { "name": "MDKSA-2004:065", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065" }, { "name": "oval:org.mitre.oval:def:4863", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863" }, { "name": "101555", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-525", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-525" }, { "name": "HPSBOV02683", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "VU#541310", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/541310" }, { "name": "101841", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1" }, { "name": "11841", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11841" }, { "name": "apache-modproxy-contentlength-bo(16387)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0492", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20040611 [OpenPKG-SA-2004.029] OpenPKG Security Advisory (apache)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2" }, { "name": "FLSA:1737", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737" }, { "name": "RHSA-2004:245", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "name": "SSRT090208", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "http://www.guninski.com/modproxy1.html", "refsource": "MISC", "url": "http://www.guninski.com/modproxy1.html" }, { "name": "57628", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" }, { "name": "20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows", "refsource": "FULLDISC", "url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html" }, { "name": "oval:org.mitre.oval:def:100112", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112" }, { "name": "MDKSA-2004:065", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065" }, { "name": "oval:org.mitre.oval:def:4863", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863" }, { "name": "101555", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-525", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-525" }, { "name": "HPSBOV02683", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "name": "VU#541310", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/541310" }, { "name": "101841", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1" }, { "name": "11841", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11841" }, { "name": "apache-modproxy-contentlength-bo(16387)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073139 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1888194 [3/13] - /httpd/site/trunk/content/security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [4/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E" }, { "name": "[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0492", "datePublished": "2004-06-23T04:00:00", "dateReserved": "2004-05-27T00:00:00", "dateUpdated": "2024-08-08T00:17:15.109Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2006-1167 (GCVE-0-2006-1167)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/19607 | third-party-advisory, x_refsource_SECUNIA | |
ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U | vendor-advisory, x_refsource_SGI | |
http://www.osvdb.org/24571 | vdb-entry, x_refsource_OSVDB |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T17:03:28.490Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "19607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19607" }, { "name": "20060402-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" }, { "name": "24571", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/24571" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2007-02-06T22:00:00Z", "orgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "shortName": "sgi" }, "references": [ { "name": "19607", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19607" }, { "name": "20060402-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" }, { "name": "24571", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/24571" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-info@sgi.com", "ID": "CVE-2006-1167", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "19607", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19607" }, { "name": "20060402-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" }, { "name": "24571", "refsource": "OSVDB", "url": "http://www.osvdb.org/24571" } ] } } } }, "cveMetadata": { "assignerOrgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "assignerShortName": "sgi", "cveId": "CVE-2006-1167", "datePublished": "2007-02-06T22:00:00Z", "dateReserved": "2006-03-12T00:00:00Z", "dateUpdated": "2024-09-16T21:57:22.639Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0226 (GCVE-0-2004-0226)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16016 | vdb-entry, x_refsource_XF | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.623Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-local-privileges(16016)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-local-privileges(16016)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0226", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SuSE-SA:2004:012", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "midnight-commander-local-privileges(16016)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" }, { "name": "MDKSA-2004:039", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0226", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.623Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0231 (GCVE-0-2004-0231)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.novell.com/linux/security/advisories/2004_12_mc.html | vendor-advisory, x_refsource_SUSE | |
http://security.gentoo.org/glsa/glsa-200405-21.xml | vendor-advisory, x_refsource_GENTOO | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:039 | vendor-advisory, x_refsource_MANDRAKE | |
http://www.debian.org/security/2004/dsa-497 | vendor-advisory, x_refsource_DEBIAN | |
http://www.redhat.com/support/errata/RHSA-2004-172.html | vendor-advisory, x_refsource_REDHAT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16020 | vdb-entry, x_refsource_XF |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.983Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "name": "midnight-commander-insecure-files(16020)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SuSE-SA:2004:012", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "MDKSA-2004:039", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "name": "midnight-commander-insecure-files(16020)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0231", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SuSE-SA:2004:012", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "name": "GLSA-200405-21", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "name": "MDKSA-2004:039", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "name": "DSA-497", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-497" }, { "name": "RHSA-2004:172", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "name": "midnight-commander-insecure-files(16020)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0231", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.983Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0233 (GCVE-0-2004-0233)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.818Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDKSA-2004:031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031" }, { "name": "1000752", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1" }, { "name": "utemper-symlink(15904)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904" }, { "name": "RHSA-2004:174", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-174.html" }, { "name": "SSA:2004-110", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389" }, { "name": "GLSA-200405-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-05.xml" }, { "name": "oval:org.mitre.oval:def:10115", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115" }, { "name": "10178", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10178" }, { "name": "oval:org.mitre.oval:def:979", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979" }, { "name": "RHSA-2004:175", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-175.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDKSA-2004:031", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031" }, { "name": "1000752", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1" }, { "name": "utemper-symlink(15904)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904" }, { "name": "RHSA-2004:174", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-174.html" }, { "name": "SSA:2004-110", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389" }, { "name": "GLSA-200405-05", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-05.xml" }, { "name": "oval:org.mitre.oval:def:10115", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115" }, { "name": "10178", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10178" }, { "name": "oval:org.mitre.oval:def:979", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979" }, { "name": "RHSA-2004:175", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-175.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0233", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDKSA-2004:031", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031" }, { "name": "1000752", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1" }, { "name": "utemper-symlink(15904)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904" }, { "name": "RHSA-2004:174", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-174.html" }, { "name": "SSA:2004-110", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389" }, { "name": "GLSA-200405-05", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-05.xml" }, { "name": "oval:org.mitre.oval:def:10115", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115" }, { "name": "10178", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10178" }, { "name": "oval:org.mitre.oval:def:979", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979" }, { "name": "RHSA-2004:175", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-175.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0233", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.818Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-1043 (GCVE-0-2005-1043)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2005-406.html | vendor-advisory, x_refsource_REDHAT | |
http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 | vendor-advisory, x_refsource_MANDRAKE | |
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025 | x_refsource_CONFIRM | |
http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml | vendor-advisory, x_refsource_GENTOO | |
http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html | vendor-advisory, x_refsource_APPLE | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307 | vdb-entry, signature, x_refsource_OVAL | |
https://usn.ubuntu.com/112-1/ | vendor-advisory, x_refsource_UBUNTU | |
http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:35:59.682Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:406", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-406.html" }, { "name": "MDKSA-2005:072", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025" }, { "name": "GLSA-200504-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml" }, { "name": "APPLE-SA-2005-06-08", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" }, { "name": "oval:org.mitre.oval:def:10307", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307" }, { "name": "USN-112-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/112-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026r2=1.118.2.30\u0026ty=u" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-31T00:00:00", "descriptions": [ { "lang": "en", "value": "exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-03T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2005:406", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-406.html" }, { "name": "MDKSA-2005:072", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025" }, { "name": "GLSA-200504-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml" }, { "name": "APPLE-SA-2005-06-08", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" }, { "name": "oval:org.mitre.oval:def:10307", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307" }, { "name": "USN-112-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/112-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026r2=1.118.2.30\u0026ty=u" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-1043", "datePublished": "2005-04-12T04:00:00", "dateReserved": "2005-04-12T00:00:00", "dateUpdated": "2024-08-07T21:35:59.682Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2003-0795 (GCVE-0-2003-0795)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2003-305.html | vendor-advisory, x_refsource_REDHAT | |
http://marc.info/?l=bugtraq&m=106883387304266&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.debian.org/security/2004/dsa-415 | vendor-advisory, x_refsource_DEBIAN | |
http://secunia.com/advisories/10563 | third-party-advisory, x_refsource_SECUNIA | |
http://www.redhat.com/support/errata/RHSA-2003-307.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T02:05:12.613Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2003:305", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-305.html" }, { "name": "20031114 Quagga remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=106883387304266\u0026w=2" }, { "name": "DSA-415", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-415" }, { "name": "10563", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10563" }, { "name": "RHSA-2003:307", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-307.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2003-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2003:305", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-305.html" }, { "name": "20031114 Quagga remote vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=106883387304266\u0026w=2" }, { "name": "DSA-415", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-415" }, { "name": "10563", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10563" }, { "name": "RHSA-2003:307", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-307.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0795", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2003:305", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-305.html" }, { "name": "20031114 Quagga remote vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=106883387304266\u0026w=2" }, { "name": "DSA-415", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-415" }, { "name": "10563", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10563" }, { "name": "RHSA-2003:307", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2003-307.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0795", "datePublished": "2003-11-18T05:00:00", "dateReserved": "2003-09-17T00:00:00", "dateUpdated": "2024-08-08T02:05:12.613Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0079 (GCVE-0-2004-0079)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:23.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17381" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ], "title": "CVE Program Container" }, { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2004-0079", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-08T16:21:54.985893Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "CWE-476 NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-16T17:33:22.869Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17381" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0079", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "FEDORA-2005-1042", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "name": "ESA-20040317-003", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "SSRT4717", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "oval:org.mitre.oval:def:2621", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "17381", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17381" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "oval:org.mitre.oval:def:9779", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "name": "oval:org.mitre.oval:def:975", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", "refsource": "CONFIRM", "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "name": "http://www.openssl.org/news/secadv_20040317.txt", "refsource": "CONFIRM", "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "FreeBSD-SA-04:05", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "name": "NetBSD-SA2004-005", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "17401", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17401" }, { "name": "RHSA-2005:829", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "name": "oval:org.mitre.oval:def:870", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "name": "RHSA-2005:830", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US", "refsource": "CONFIRM", "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "17398", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17398" }, { "name": "SSA:2004-077", "refsource": "SLACKWARE", "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "RHSA-2004:139", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "openssl-dochangecipherspec-dos(15505)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "http://docs.info.apple.com/article.html?artnum=61798", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "VU#288574", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/288574" }, { "name": "DSA-465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-465" }, { "name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "18247", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18247" }, { "name": "oval:org.mitre.oval:def:5770", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0079", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-01-19T00:00:00", "dateUpdated": "2025-01-16T17:33:22.869Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3626 (GCVE-0-2005-3626)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.446Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "oval:org.mitre.oval:def:9992", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "xpdf-flatedecode-dos(24026)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3626", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.446Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0504 (GCVE-0-2004-0504)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.261Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11776" }, { "name": "oval:org.mitre.oval:def:982", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A982" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "ethereal-sip-packet-dos(16148)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16148" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "oval:org.mitre.oval:def:9769", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9769" }, { "name": "[Ethereal-users] 20040503 Re: HotSIP sip-messages crasching ethereal", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1010158" }, { "name": "6131", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6131" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11776" }, { "name": "oval:org.mitre.oval:def:982", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A982" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "ethereal-sip-packet-dos(16148)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16148" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "oval:org.mitre.oval:def:9769", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9769" }, { "name": "[Ethereal-users] 20040503 Re: HotSIP sip-messages crasching ethereal", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1010158" }, { "name": "6131", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6131" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0504", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "11776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11776" }, { "name": "oval:org.mitre.oval:def:982", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A982" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11608" }, { "name": "11836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11836" }, { "name": "http://www.ethereal.com/appnotes/enpa-sa-00014.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "RHSA-2004:234", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "name": "O-150", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "ethereal-sip-packet-dos(16148)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16148" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "GLSA-200406-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "oval:org.mitre.oval:def:9769", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9769" }, { "name": "[Ethereal-users] 20040503 Re: HotSIP sip-messages crasching ethereal", "refsource": "MLIST", "url": "http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010158" }, { "name": "6131", "refsource": "OSVDB", "url": "http://www.osvdb.org/6131" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0504", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-01T00:00:00", "dateUpdated": "2024-08-08T00:17:15.261Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0148 (GCVE-0-2004-0148)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.675Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "wuftpd-restrictedgid-gain-access(15423)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423" }, { "name": "oval:org.mitre.oval:def:1637", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637" }, { "name": "102356", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1" }, { "name": "DSA-457", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-457" }, { "name": "oval:org.mitre.oval:def:1147", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147" }, { "name": "11055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11055" }, { "name": "20168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/20168" }, { "name": "SSRT4704", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2" }, { "name": "9832", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9832" }, { "name": "oval:org.mitre.oval:def:648", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648" }, { "name": "RHSA-2004:096", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html" }, { "name": "oval:org.mitre.oval:def:1636", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636" }, { "name": "ADV-2006-1867", "tags": [ "third-party-advisory", "x_refsource_FRSIRT", "x_transferred" ], "url": "http://www.frsirt.com/english/advisories/2006/1867" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-08T00:00:00", "descriptions": [ { "lang": "en", "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2006-05-22T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "wuftpd-restrictedgid-gain-access(15423)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423" }, { "name": "oval:org.mitre.oval:def:1637", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637" }, { "name": "102356", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1" }, { "name": "DSA-457", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-457" }, { "name": "oval:org.mitre.oval:def:1147", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147" }, { "name": "11055", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11055" }, { "name": "20168", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/20168" }, { "name": "SSRT4704", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2" }, { "name": "9832", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9832" }, { "name": "oval:org.mitre.oval:def:648", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648" }, { "name": "RHSA-2004:096", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html" }, { "name": "oval:org.mitre.oval:def:1636", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636" }, { "name": "ADV-2006-1867", "tags": [ "third-party-advisory", "x_refsource_FRSIRT" ], "url": "http://www.frsirt.com/english/advisories/2006/1867" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0148", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "wuftpd-restrictedgid-gain-access(15423)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423" }, { "name": "oval:org.mitre.oval:def:1637", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637" }, { "name": "102356", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1" }, { "name": "DSA-457", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-457" }, { "name": "oval:org.mitre.oval:def:1147", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147" }, { "name": "11055", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11055" }, { "name": "20168", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20168" }, { "name": "SSRT4704", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2" }, { "name": "9832", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9832" }, { "name": "oval:org.mitre.oval:def:648", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648" }, { "name": "RHSA-2004:096", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html" }, { "name": "oval:org.mitre.oval:def:1636", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636" }, { "name": "ADV-2006-1867", "refsource": "FRSIRT", "url": "http://www.frsirt.com/english/advisories/2006/1867" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0148", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2004-02-13T00:00:00", "dateUpdated": "2024-08-08T00:10:03.675Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0112 (GCVE-0-2004-0112)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.359Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD", "x_transferred" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "tags": [ "vendor-advisory", "x_refsource_NETBSD" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0112", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "SSRT4717", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "MDKSA-2004:023", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "SuSE-SA:2004:007", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "name": "http://lists.apple.com/mhonarc/security-announce/msg00045.html", "refsource": "CONFIRM", "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "name": "http://www.openssl.org/news/secadv_20040317.txt", "refsource": "CONFIRM", "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "name": "NetBSD-SA2004-005", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "name": "O-101", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "oval:org.mitre.oval:def:1049", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "name": "openssl-kerberos-ciphersuites-dos(15508)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "name": "VU#484726", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/484726" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "oval:org.mitre.oval:def:9580", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "20040317 New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "name": "APPLE-SA-2005-08-15", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "name": "SSA:2004-077", "refsource": "SLACKWARE", "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "http://docs.info.apple.com/article.html?artnum=61798", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "name": "APPLE-SA-2005-08-17", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "name": "oval:org.mitre.oval:def:928", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0112", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.359Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-1859 (GCVE-0-2005-1859)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc | vendor-advisory, x_refsource_SGI | |
http://securitytracker.com/id?1014454 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T22:06:57.548Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20050701-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc" }, { "name": "1014454", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1014454" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2005-07-12T04:00:00Z", "orgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "shortName": "sgi" }, "references": [ { "name": "20050701-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc" }, { "name": "1014454", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1014454" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-info@sgi.com", "ID": "CVE-2005-1859", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20050701-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc" }, { "name": "1014454", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014454" } ] } } } }, "cveMetadata": { "assignerOrgId": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "assignerShortName": "sgi", "cveId": "CVE-2005-1859", "datePublished": "2005-07-12T04:00:00Z", "dateReserved": "2005-06-06T00:00:00Z", "dateUpdated": "2024-09-17T01:47:09.288Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0107 (GCVE-0-2004-0107)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2004-093.html | vendor-advisory, x_refsource_REDHAT | |
ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc | vendor-advisory, x_refsource_SGI | |
http://www.ciac.org/ciac/bulletins/o-097.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737 | vdb-entry, signature, x_refsource_OVAL | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15428 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/9838 | vdb-entry, x_refsource_BID | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862 | vdb-entry, signature, x_refsource_OVAL | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849 | vdb-entry, signature, x_refsource_OVAL | |
http://www.redhat.com/support/errata/RHSA-2004-053.html | vendor-advisory, x_refsource_REDHAT | |
http://www.osvdb.org/6884 | vdb-entry, x_refsource_OSVDB |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:02.321Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2004:093", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-093.html" }, { "name": "20040302-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "O-097", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-097.shtml" }, { "name": "oval:org.mitre.oval:def:10737", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737" }, { "name": "sysstat-post-trigger-symlink(15428)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15428" }, { "name": "9838", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9838" }, { "name": "oval:org.mitre.oval:def:862", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862" }, { "name": "oval:org.mitre.oval:def:849", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849" }, { "name": "RHSA-2004:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "6884", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6884" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2004:093", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-093.html" }, { "name": "20040302-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "O-097", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-097.shtml" }, { "name": "oval:org.mitre.oval:def:10737", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737" }, { "name": "sysstat-post-trigger-symlink(15428)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15428" }, { "name": "9838", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9838" }, { "name": "oval:org.mitre.oval:def:862", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862" }, { "name": "oval:org.mitre.oval:def:849", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849" }, { "name": "RHSA-2004:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "6884", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6884" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0107", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2004:093", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-093.html" }, { "name": "20040302-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "name": "O-097", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-097.shtml" }, { "name": "oval:org.mitre.oval:def:10737", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737" }, { "name": "sysstat-post-trigger-symlink(15428)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15428" }, { "name": "9838", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9838" }, { "name": "oval:org.mitre.oval:def:862", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862" }, { "name": "oval:org.mitre.oval:def:849", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849" }, { "name": "RHSA-2004:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "name": "6884", "refsource": "OSVDB", "url": "http://www.osvdb.org/6884" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0107", "datePublished": "2004-03-16T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:02.321Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0761 (GCVE-0-2005-0761)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2005-070.html | vendor-advisory, x_refsource_REDHAT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150 | vdb-entry, signature, x_refsource_OVAL | |
http://securitytracker.com/id?1013550 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/12876 | vdb-entry, x_refsource_BID | |
http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html | vendor-advisory, x_refsource_SUSE |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:28:27.138Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "name": "oval:org.mitre.oval:def:11150", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150" }, { "name": "1013550", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1013550" }, { "name": "12876", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12876" }, { "name": "SUSE-SA:2005:017", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-23T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "name": "oval:org.mitre.oval:def:11150", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150" }, { "name": "1013550", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1013550" }, { "name": "12876", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12876" }, { "name": "SUSE-SA:2005:017", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-0761", "datePublished": "2005-03-26T05:00:00", "dateReserved": "2005-03-17T00:00:00", "dateUpdated": "2024-08-07T21:28:27.138Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1307 (GCVE-0-2004-1307)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.us-cert.gov/cas/techalerts/TA05-136A.html | third-party-advisory, x_refsource_CERT | |
http://www.kb.cert.org/vuls/id/539110 | third-party-advisory, x_refsource_CERT-VN | |
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1 | vendor-advisory, x_refsource_SUNALERT | |
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1 | vendor-advisory, x_refsource_SUNALERT | |
http://www.idefense.com/application/poi/display?id=173&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE | |
http://lists.apple.com/archives/security-announce/2005/May/msg00001.html | vendor-advisory, x_refsource_APPLE | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:46:12.284Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "TA05-136A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" }, { "name": "VU#539110", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/539110" }, { "name": "201072", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "name": "101677", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "APPLE-SA-2005-05-03", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" }, { "name": "oval:org.mitre.oval:def:11175", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "TA05-136A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" }, { "name": "VU#539110", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/539110" }, { "name": "201072", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "name": "101677", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "APPLE-SA-2005-05-03", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" }, { "name": "oval:org.mitre.oval:def:11175", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1307", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "TA05-136A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" }, { "name": "VU#539110", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/539110" }, { "name": "201072", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "name": "101677", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "name": "20041221 libtiff STRIPOFFSETS Integer Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true" }, { "name": "APPLE-SA-2005-05-03", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" }, { "name": "oval:org.mitre.oval:def:11175", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1307", "datePublished": "2005-05-04T04:00:00", "dateReserved": "2004-12-21T00:00:00", "dateUpdated": "2024-08-08T00:46:12.284Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0111 (GCVE-0-2004-0111)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
https://bugzilla.fedora.us/show_bug.cgi?id=2005 | vendor-advisory, x_refsource_FEDORA | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/15426 | vdb-entry, x_refsource_XF | |
http://www.debian.org/security/2004/dsa-464 | vendor-advisory, x_refsource_DEBIAN | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845 | vdb-entry, signature, x_refsource_OVAL | |
http://www.redhat.com/support/errata/RHSA-2004-103.html | vendor-advisory, x_refsource_REDHAT | |
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020 | vendor-advisory, x_refsource_MANDRAKE | |
http://www.securityfocus.com/bid/9842 | vdb-entry, x_refsource_BID | |
http://www.redhat.com/support/errata/RHSA-2004-102.html | vendor-advisory, x_refsource_REDHAT | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846 | vdb-entry, signature, x_refsource_OVAL |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.431Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "FLSA:2005", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005" }, { "name": "gdk-pixbuf-bitmap-dos(15426)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426" }, { "name": "DSA-464", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-464" }, { "name": "oval:org.mitre.oval:def:845", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845" }, { "name": "RHSA-2004:103", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html" }, { "name": "MDKSA-2004:020", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020" }, { "name": "9842", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9842" }, { "name": "RHSA-2004:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html" }, { "name": "oval:org.mitre.oval:def:846", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-07-17T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "FLSA:2005", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005" }, { "name": "gdk-pixbuf-bitmap-dos(15426)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426" }, { "name": "DSA-464", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-464" }, { "name": "oval:org.mitre.oval:def:845", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845" }, { "name": "RHSA-2004:103", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html" }, { "name": "MDKSA-2004:020", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020" }, { "name": "9842", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9842" }, { "name": "RHSA-2004:102", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html" }, { "name": "oval:org.mitre.oval:def:846", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0111", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "FLSA:2005", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005" }, { "name": "gdk-pixbuf-bitmap-dos(15426)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426" }, { "name": "DSA-464", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-464" }, { "name": "oval:org.mitre.oval:def:845", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845" }, { "name": "RHSA-2004:103", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html" }, { "name": "MDKSA-2004:020", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020" }, { "name": "9842", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9842" }, { "name": "RHSA-2004:102", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html" }, { "name": "oval:org.mitre.oval:def:846", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0111", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.431Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1145 (GCVE-0-2004-1145)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2005-065.html | vendor-advisory, x_refsource_REDHAT | |
http://marc.info/?l=bugtraq&m=110356286722875&w=2 | mailing-list, x_refsource_BUGTRAQ | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/18596 | vdb-entry, x_refsource_XF | |
http://www.heise.de/security/dienste/browsercheck/tests/java.shtml | x_refsource_MISC | |
http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml | vendor-advisory, x_refsource_GENTOO | |
http://secunia.com/advisories/13586 | third-party-advisory, x_refsource_SECUNIA | |
http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 | vendor-advisory, x_refsource_MANDRAKE | |
http://www.kde.org/info/security/advisory-20041220-1.txt | x_refsource_CONFIRM | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173 | vdb-entry, signature, x_refsource_OVAL | |
http://www.kb.cert.org/vuls/id/420222 | third-party-advisory, x_refsource_CERT-VN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.876Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2005:065", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-065.html" }, { "name": "20041220 KDE Security Advisory: Konqueror Java Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110356286722875\u0026w=2" }, { "name": "konqueror-sandbox-restriction-bypass(18596)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18596" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml" }, { "name": "GLSA-200501-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml" }, { "name": "13586", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/13586" }, { "name": "MDKSA-2004:154", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:154" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20041220-1.txt" }, { "name": "oval:org.mitre.oval:def:10173", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173" }, { "name": "VU#420222", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/420222" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "RHSA-2005:065", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-065.html" }, { "name": "20041220 KDE Security Advisory: Konqueror Java Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110356286722875\u0026w=2" }, { "name": "konqueror-sandbox-restriction-bypass(18596)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18596" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml" }, { "name": "GLSA-200501-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml" }, { "name": "13586", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/13586" }, { "name": "MDKSA-2004:154", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:154" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20041220-1.txt" }, { "name": "oval:org.mitre.oval:def:10173", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173" }, { "name": "VU#420222", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/420222" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1145", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2005:065", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-065.html" }, { "name": "20041220 KDE Security Advisory: Konqueror Java Vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110356286722875\u0026w=2" }, { "name": "konqueror-sandbox-restriction-bypass(18596)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18596" }, { "name": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml", "refsource": "MISC", "url": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml" }, { "name": "GLSA-200501-16", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml" }, { "name": "13586", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13586" }, { "name": "MDKSA-2004:154", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:154" }, { "name": "http://www.kde.org/info/security/advisory-20041220-1.txt", "refsource": "CONFIRM", "url": "http://www.kde.org/info/security/advisory-20041220-1.txt" }, { "name": "oval:org.mitre.oval:def:10173", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173" }, { "name": "VU#420222", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/420222" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1145", "datePublished": "2004-12-31T05:00:00", "dateReserved": "2004-12-06T00:00:00", "dateUpdated": "2024-08-08T00:39:00.876Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0424 (GCVE-0-2004-0424)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.977Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SSA:2004-119", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586" }, { "name": "SuSE-SA:2004:010", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html" }, { "name": "oval:org.mitre.oval:def:939", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939" }, { "name": "oval:org.mitre.oval:def:11214", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214" }, { "name": "RHSA-2004:183", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-183.html" }, { "name": "MDKSA-2004:037", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037" }, { "name": "linux-ipsetsockopt-integer-bo(15907)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907" }, { "name": "20040504-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc" }, { "name": "10179", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10179" }, { "name": "ESA-20040428-004", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt" }, { "name": "CLA-2004:852", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852" }, { "name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SSA:2004-119", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586" }, { "name": "SuSE-SA:2004:010", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html" }, { "name": "oval:org.mitre.oval:def:939", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939" }, { "name": "oval:org.mitre.oval:def:11214", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214" }, { "name": "RHSA-2004:183", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-183.html" }, { "name": "MDKSA-2004:037", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037" }, { "name": "linux-ipsetsockopt-integer-bo(15907)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907" }, { "name": "20040504-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc" }, { "name": "10179", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10179" }, { "name": "ESA-20040428-004", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt" }, { "name": "CLA-2004:852", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852" }, { "name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0424", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SSA:2004-119", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586" }, { "name": "SuSE-SA:2004:010", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html" }, { "name": "oval:org.mitre.oval:def:939", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939" }, { "name": "oval:org.mitre.oval:def:11214", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214" }, { "name": "RHSA-2004:183", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-183.html" }, { "name": "MDKSA-2004:037", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037" }, { "name": "linux-ipsetsockopt-integer-bo(15907)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907" }, { "name": "20040504-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc" }, { "name": "10179", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10179" }, { "name": "ESA-20040428-004", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html" }, { "name": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt", "refsource": "MISC", "url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt" }, { "name": "CLA-2004:852", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852" }, { "name": "20040420 Linux kernel setsockopt MCAST_MSFILTER integer overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0424", "datePublished": "2004-04-30T04:00:00", "dateReserved": "2004-04-21T00:00:00", "dateUpdated": "2024-08-08T00:17:14.977Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1613 (GCVE-0-2004-1613)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://marc.info/?l=bugtraq&m=109811406620511&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/11439 | vdb-entry, x_refsource_BID | |
http://www.redhat.com/support/errata/RHSA-2005-323.html | vendor-advisory, x_refsource_REDHAT | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17805 | vdb-entry, x_refsource_XF | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227 | vdb-entry, signature, x_refsource_OVAL | |
http://securitytracker.com/id?1011810 | vdb-entry, x_refsource_SECTRACK | |
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html | mailing-list, x_refsource_FULLDISC | |
http://lcamtuf.coredump.cx/mangleme/gallery/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T01:00:36.308Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-10-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1613", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20041018 Web browsers - a mini-farce", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "name": "11439", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11439" }, { "name": "RHSA-2005:323", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "name": "mozilla-html-tags-dos(17805)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "name": "oval:org.mitre.oval:def:10227", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "name": "1011810", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1011810" }, { "name": "20041018 Web browsers - a mini-farce", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "name": "http://lcamtuf.coredump.cx/mangleme/gallery/", "refsource": "MISC", "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1613", "datePublished": "2005-02-20T05:00:00", "dateReserved": "2005-02-20T00:00:00", "dateUpdated": "2024-08-08T01:00:36.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3625 (GCVE-0-2005-3625)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.366Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "oval:org.mitre.oval:def:9575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18335", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18335" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "xpdf-ccittfaxdecode-dctdecode-dos(24023)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3625", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.366Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0005 (GCVE-0-2005-0005)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925 | vdb-entry, signature, x_refsource_OVAL | |
http://www.debian.org/security/2005/dsa-646 | vendor-advisory, x_refsource_DEBIAN | |
http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml | vendor-advisory, x_refsource_GENTOO | |
http://marc.info/?l=bugtraq&m=110608222117215&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.idefense.com/application/poi/display?id=184&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
http://www.redhat.com/support/errata/RHSA-2005-071.html | vendor-advisory, x_refsource_REDHAT | |
http://www.redhat.com/support/errata/RHSA-2005-070.html | vendor-advisory, x_refsource_REDHAT |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T20:57:40.834Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:9925", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925" }, { "name": "DSA-646", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-646" }, { "name": "GLSA-200501-37", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml" }, { "name": "20050118 [USN-62-1] imagemagick vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2" }, { "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE", "x_transferred" ], "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities" }, { "name": "RHSA-2005:071", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html" }, { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-01-17T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:9925", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925" }, { "name": "DSA-646", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-646" }, { "name": "GLSA-200501-37", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml" }, { "name": "20050118 [USN-62-1] imagemagick vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2" }, { "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability", "tags": [ "third-party-advisory", "x_refsource_IDEFENSE" ], "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities" }, { "name": "RHSA-2005:071", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html" }, { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0005", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:9925", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925" }, { "name": "DSA-646", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2005/dsa-646" }, { "name": "GLSA-200501-37", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml" }, { "name": "20050118 [USN-62-1] imagemagick vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2" }, { "name": "20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities" }, { "name": "RHSA-2005:071", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html" }, { "name": "RHSA-2005:070", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0005", "datePublished": "2005-01-19T05:00:00", "dateReserved": "2005-01-03T00:00:00", "dateUpdated": "2024-08-07T20:57:40.834Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0234 (GCVE-0-2004-0234)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.930Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1015866", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1015866" }, { "name": "CLA-2004:840", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "5753", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5753" }, { "name": "oval:org.mitre.oval:def:977", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977" }, { "name": "FEDORA-2004-119", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html" }, { "name": "10243", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10243" }, { "name": "ADV-2006-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/1220" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "19514", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19514" }, { "name": "5754", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/5754" }, { "name": "RHSA-2004:179", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt" }, { "name": "FLSA:1833", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "oval:org.mitre.oval:def:9881", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "lha-multiple-bo(16012)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012" }, { "name": "20040502 Lha local stack overflow Proof Of Concept Code", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "1015866", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1015866" }, { "name": "CLA-2004:840", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "5753", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5753" }, { "name": "oval:org.mitre.oval:def:977", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977" }, { "name": "FEDORA-2004-119", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html" }, { "name": "10243", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10243" }, { "name": "ADV-2006-1220", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/1220" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "19514", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19514" }, { "name": "5754", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/5754" }, { "name": "RHSA-2004:179", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt" }, { "name": "FLSA:1833", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "oval:org.mitre.oval:def:9881", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "lha-multiple-bo(16012)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012" }, { "name": "20040502 Lha local stack overflow Proof Of Concept Code", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0234", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1015866", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015866" }, { "name": "CLA-2004:840", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "name": "5753", "refsource": "OSVDB", "url": "http://www.osvdb.org/5753" }, { "name": "oval:org.mitre.oval:def:977", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977" }, { "name": "FEDORA-2004-119", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html" }, { "name": "10243", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10243" }, { "name": "ADV-2006-1220", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1220" }, { "name": "20040501 LHa buffer overflows and directory traversal problems", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "name": "19514", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19514" }, { "name": "5754", "refsource": "OSVDB", "url": "http://www.osvdb.org/5754" }, { "name": "RHSA-2004:179", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "name": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt", "refsource": "MISC", "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt" }, { "name": "FLSA:1833", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "name": "DSA-515", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-515" }, { "name": "oval:org.mitre.oval:def:9881", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881" }, { "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "name": "GLSA-200405-02", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "name": "RHSA-2004:178", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "name": "lha-multiple-bo(16012)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012" }, { "name": "20040502 Lha local stack overflow Proof Of Concept Code", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0234", "datePublished": "2004-05-05T04:00:00", "dateReserved": "2004-03-17T00:00:00", "dateUpdated": "2024-08-08T00:10:03.930Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0418 (GCVE-0-2004-0418)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.976Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "oval:org.mitre.oval:def:11242", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:1003", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-519", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "oval:org.mitre.oval:def:11242", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:1003", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0418", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-519", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-519" }, { "name": "http://security.e-matters.de/advisories/092004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "oval:org.mitre.oval:def:11242", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:1003", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0418", "datePublished": "2004-06-11T04:00:00", "dateReserved": "2004-04-16T00:00:00", "dateUpdated": "2024-08-08T00:17:14.976Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-3624 (GCVE-0-2005-3624)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T23:17:23.457Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18385" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "16143", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/16143" }, { "name": "DSA-932", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-932" }, { "name": "18349", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18349" }, { "name": "18147", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18147" }, { "name": "SCOSA-2006.15", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "tags": [ "x_refsource_MISC" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "name": "18679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18679" }, { "name": "18312", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18312" }, { "name": "18644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18644" }, { "name": "USN-236-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/236-1/" }, { "name": "18425", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18425" }, { "name": "18373", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18373" }, { "name": "18303", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18303" }, { "name": "DSA-931", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-931" }, { "name": "18554", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18554" }, { "name": "MDKSA-2006:003", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "name": "19230", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19230" }, { "name": "102972", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "name": "MDKSA-2006:012", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "name": "DSA-962", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "name": "RHSA-2006:0163", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "name": "DSA-937", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-937" }, { "name": "18398", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18398" }, { "name": "FLSA-2006:176751", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "name": "2006-0002", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2006/0002/" }, { "name": "SUSE-SA:2006:001", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "name": "DSA-936", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "name": "FEDORA-2005-026", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "name": "18329", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18329" }, { "name": "18463", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18463" }, { "name": "18642", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18642" }, { "name": "18674", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18674" }, { "name": "MDKSA-2006:005", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "name": "18313", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18313" }, { "name": "20051201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "name": "20060101-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "name": "18448", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18448" }, { "name": "18436", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18436" }, { "name": "18428", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18428" }, { "name": "18380", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18380" }, { "name": "18423", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18423" }, { "name": "18416", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18416" }, { "name": "RHSA-2006:0177", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "name": "ADV-2007-2280", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "name": "GLSA-200601-02", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "name": "18407", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18407" }, { "name": "18332", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18332" }, { "name": "18517", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18517" }, { "name": "18582", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18582" }, { "name": "18534", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18534" }, { "name": "SSA:2006-045-09", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "name": "18908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18908" }, { "name": "25729", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25729" }, { "name": "18414", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18414" }, { "name": "MDKSA-2006:006", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "name": "18338", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18338" }, { "name": "MDKSA-2006:008", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "name": "20060201-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "name": "RHSA-2006:0160", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "name": "MDKSA-2006:010", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "name": "DSA-940", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-940" }, { "name": "MDKSA-2006:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "name": "ADV-2006-0047", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "name": "GLSA-200601-17", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "name": "xpdf-ccitt-faxstream-bo(24022)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "name": "18389", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18389" }, { "name": "oval:org.mitre.oval:def:9437", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "name": "SSA:2006-045-04", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "name": "19377", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/19377" }, { "name": "FEDORA-2005-025", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "name": "FLSA:175404", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "name": "DSA-961", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "name": "18675", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18675" }, { "name": "18913", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18913" }, { "name": "DSA-938", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-938" }, { "name": "18334", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18334" }, { "name": "18375", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18375" }, { "name": "DSA-950", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "name": "18387", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18387" }, { "name": "MDKSA-2006:011", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "name": "18385", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18385" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-3624", "datePublished": "2006-01-06T22:00:00", "dateReserved": "2005-11-16T00:00:00", "dateUpdated": "2024-08-07T23:17:23.457Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0639 (GCVE-0-2004-0639)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16285 | vdb-entry, x_refsource_XF | |
http://marc.info/?l=bugtraq&m=108611554415078&w=2 | mailing-list, x_refsource_BUGTRAQ | |
http://www.debian.org/security/2004/dsa-535 | vendor-advisory, x_refsource_DEBIAN | |
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973 | x_refsource_CONFIRM | |
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858 | vendor-advisory, x_refsource_CONECTIVA | |
http://www.securityfocus.com/bid/10450 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:24:26.813Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "squirrelmail-from-header-xss(16285)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16285" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10450", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10450" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-30T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "squirrelmail-from-header-xss(16285)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16285" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10450", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10450" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0639", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt", "refsource": "MISC", "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "squirrelmail-from-header-xss(16285)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16285" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "DSA-535", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973" }, { "name": "CLA-2004:858", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10450", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10450" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0639", "datePublished": "2004-07-09T04:00:00", "dateReserved": "2004-07-08T00:00:00", "dateUpdated": "2024-08-08T00:24:26.813Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0206 (GCVE-0-2005-0206)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:05:25.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-02-15T00:00:00", "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:11107", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-0206", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:11107", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "name": "MDKSA-2005:041", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "name": "11501", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11501" }, { "name": "RHSA-2005:034", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "name": "MDKSA-2005:056", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "name": "MDKSA-2005:043", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "name": "RHSA-2005:213", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "name": "MDKSA-2005:044", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "name": "RHSA-2005:053", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "name": "xpdf-pdf-bo(17818)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "name": "MDKSA-2005:052", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "name": "RHSA-2005:132", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "name": "MDKSA-2005:042", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "name": "RHSA-2005:057", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-0206", "datePublished": "2005-02-15T05:00:00", "dateReserved": "2005-02-01T00:00:00", "dateUpdated": "2024-08-07T21:05:25.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0414 (GCVE-0-2004-0414)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:14.669Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:10575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-517", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-517" }, { "name": "oval:org.mitre.oval:def:993", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-06-09T00:00:00", "descriptions": [ { "lang": "en", "value": "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "oval:org.mitre.oval:def:10575", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575" }, { "tags": [ "x_refsource_MISC" ], "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-517", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-517" }, { "name": "oval:org.mitre.oval:def:993", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0414", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:10575", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575" }, { "name": "http://security.e-matters.de/advisories/092004.html", "refsource": "MISC", "url": "http://security.e-matters.de/advisories/092004.html" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "DSA-517", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-517" }, { "name": "oval:org.mitre.oval:def:993", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993" }, { "name": "20040611 [OpenPKG-SA-2004.027] OpenPKG Security Advisory (cvs)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "name": "RHSA-2004:233", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "name": "MDKSA-2004:058", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "name": "GLSA-200406-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "20040609 Advisory 09/2004: More CVS remote vulnerabilities", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0414", "datePublished": "2004-06-11T04:00:00", "dateReserved": "2004-04-16T00:00:00", "dateUpdated": "2024-08-08T00:17:14.669Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0105 (GCVE-0-2004-0105)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:10:03.902Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-449", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "metamail-splitmail-subject-bo(15258)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258" }, { "name": "O-083", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9692" }, { "name": "VU#513062", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/513062" }, { "name": "10908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/10908" }, { "name": "metamail-printheader-nonascii-bo(15247)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247" }, { "name": "MDKSA-2004:014", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "RHSA-2004:073", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_VULNWATCH", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-02-18T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "DSA-449", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "tags": [ "vendor-advisory", "x_refsource_SLACKWARE" ], "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "metamail-splitmail-subject-bo(15258)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258" }, { "name": "O-083", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9692" }, { "name": "VU#513062", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/513062" }, { "name": "10908", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/10908" }, { "name": "metamail-printheader-nonascii-bo(15247)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247" }, { "name": "MDKSA-2004:014", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "RHSA-2004:073", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_VULNWATCH" ], "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0105", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "DSA-449", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-449" }, { "name": "SSA:2004-049", "refsource": "SLACKWARE", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "name": "metamail-splitmail-subject-bo(15258)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258" }, { "name": "O-083", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "name": "9692", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9692" }, { "name": "VU#513062", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/513062" }, { "name": "10908", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/10908" }, { "name": "metamail-printheader-nonascii-bo(15247)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247" }, { "name": "MDKSA-2004:014", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "name": "RHSA-2004:073", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "refsource": "VULNWATCH", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "name": "20040218 metamail format string bugs and buffer overflows", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0105", "datePublished": "2004-02-19T05:00:00", "dateReserved": "2004-02-02T00:00:00", "dateUpdated": "2024-08-08T00:10:03.902Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0519 (GCVE-0-2004-0519)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.176Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/12289" }, { "name": "squirrel-composephp-xss(16025)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16025" }, { "name": "20040430 Re: SquirrelMail Cross Scripting Attacks....", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/361857" }, { "name": "SUSE-SR:2005:019", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "name": "oval:org.mitre.oval:def:1006", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11531", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11531" }, { "name": "11686", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11686" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "oval:org.mitre.oval:def:10274", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274" }, { "name": "20040429 SquirrelMail Cross Scripting Attacks....", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108334862800260" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10246", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10246" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-04-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/12289" }, { "name": "squirrel-composephp-xss(16025)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16025" }, { "name": "20040430 Re: SquirrelMail Cross Scripting Attacks....", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/361857" }, { "name": "SUSE-SR:2005:019", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "name": "oval:org.mitre.oval:def:1006", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11531", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11531" }, { "name": "11686", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11686" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "oval:org.mitre.oval:def:10274", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274" }, { "name": "20040429 SquirrelMail Cross Scripting Attacks....", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108334862800260" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10246", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10246" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0519", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "12289", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12289" }, { "name": "squirrel-composephp-xss(16025)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16025" }, { "name": "20040430 Re: SquirrelMail Cross Scripting Attacks....", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/361857" }, { "name": "SUSE-SR:2005:019", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "name": "oval:org.mitre.oval:def:1006", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006" }, { "name": "FEDORA-2004-160", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11531", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11531" }, { "name": "11686", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11686" }, { "name": "11870", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "GLSA-200405-16", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "name": "oval:org.mitre.oval:def:10274", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274" }, { "name": "20040429 SquirrelMail Cross Scripting Attacks....", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108334862800260" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "10246", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10246" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0519", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-02T00:00:00", "dateUpdated": "2024-08-08T00:17:15.176Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-1139 (GCVE-0-2004-1139)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:39:00.832Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "11943", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/11943" }, { "name": "ethereal-dicom-dos(18484)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18484" }, { "name": "oval:org.mitre.oval:def:11319", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319" }, { "name": "FLSA-2006:152922", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-12-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash)." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "11943", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/11943" }, { "name": "ethereal-dicom-dos(18484)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18484" }, { "name": "oval:org.mitre.oval:def:11319", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319" }, { "name": "FLSA-2006:152922", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1139", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.ethereal.com/appnotes/enpa-sa-00016.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "GLSA-200412-15", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "name": "13468", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13468/" }, { "name": "MDKSA-2004:152", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "name": "RHSA-2005:037", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "name": "11943", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11943" }, { "name": "ethereal-dicom-dos(18484)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18484" }, { "name": "oval:org.mitre.oval:def:11319", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319" }, { "name": "FLSA-2006:152922", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "name": "P-061", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1139", "datePublished": "2004-12-31T05:00:00", "dateReserved": "2004-12-06T00:00:00", "dateUpdated": "2024-08-08T00:39:00.832Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0507 (GCVE-0-2004-0507)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.258Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11608" }, { "name": "6134", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/6134" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "oval:org.mitre.oval:def:988", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A988" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-234.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:11026", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11026" }, { "name": "ethereal-mmse-bo(16152)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16152" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1010158" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-13T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "11776", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11608" }, { "name": "6134", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/6134" }, { "name": "11836", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11836" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "oval:org.mitre.oval:def:988", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A988" }, { "name": "O-150", "tags": [ "third-party-advisory", "government-resource", "x_refsource_CIAC" ], "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "RHSA-2004:234", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-234.html" }, { "name": "20040605-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:11026", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11026" }, { "name": "ethereal-mmse-bo(16152)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16152" }, { "name": "GLSA-200406-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1010158" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0507", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "11776", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11776" }, { "name": "CLA-2005:916", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "name": "10347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10347" }, { "name": "11608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11608" }, { "name": "6134", "refsource": "OSVDB", "url": "http://www.osvdb.org/6134" }, { "name": "11836", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11836" }, { "name": "http://www.ethereal.com/appnotes/enpa-sa-00014.html", "refsource": "CONFIRM", "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "name": "oval:org.mitre.oval:def:988", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A988" }, { "name": "O-150", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "name": "RHSA-2004:234", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-234.html" }, { "name": "20040605-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "name": "oval:org.mitre.oval:def:11026", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11026" }, { "name": "ethereal-mmse-bo(16152)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16152" }, { "name": "GLSA-200406-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "1010158", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1010158" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0507", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-01T00:00:00", "dateUpdated": "2024-08-08T00:17:15.258Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0520 (GCVE-0-2004-0520)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:17:15.174Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/12289" }, { "name": "oval:org.mitre.oval:def:1012", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" }, { "name": "oval:org.mitre.oval:def:10766", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" }, { "name": "GLSA-200406-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "10439", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/10439" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-05-29T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "12289", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/12289" }, { "name": "oval:org.mitre.oval:def:1012", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" }, { "name": "oval:org.mitre.oval:def:10766", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" }, { "name": "GLSA-200406-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "FEDORA-2004-160", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11870", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "10439", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/10439" }, { "name": "20040604-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0520", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt", "refsource": "MISC", "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "name": "12289", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/12289" }, { "name": "oval:org.mitre.oval:def:1012", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" }, { "name": "oval:org.mitre.oval:def:10766", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" }, { "name": "GLSA-200406-08", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" }, { "name": "20040530 RS-2004-1: SquirrelMail \"Content-Type\" XSS vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "name": "FEDORA-2004-160", "refsource": "FEDORA", "url": "http://www.securityfocus.com/advisories/6827" }, { "name": "11870", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11870" }, { "name": "DSA-535", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-535" }, { "name": "RHSA-2004:240", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "name": "FEDORA-2004-1733", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "name": "10439", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10439" }, { "name": "20040604-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "name": "CLA-2004:858", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "name": "[squirrelmail-cvs] 20040523 [SM-CVS] CVS: squirrelmail/functions mime.php,1.265.2.27,1.265.2.28", "refsource": "MLIST", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0520", "datePublished": "2004-06-03T04:00:00", "dateReserved": "2004-06-02T00:00:00", "dateUpdated": "2024-08-08T00:17:15.174Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2004-0081 (GCVE-0-2004-0081)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-08T00:01:23.650Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE", "x_transferred" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO", "x_transferred" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2004/dsa-465" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2004-03-17T00:00:00", "descriptions": [ { "lang": "en", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "9899", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "tags": [ "vendor-advisory", "x_refsource_ENGARDE" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "tags": [ "vendor-advisory", "x_refsource_SCO" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2004/dsa-465" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0081", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "9899", "refsource": "BID", "url": "http://www.securityfocus.com/bid/9899" }, { "name": "ESA-20040317-003", "refsource": "ENGARDE", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "name": "20040317 Re: New OpenSSL releases fix denial of service attacks [17 March 2004]", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "name": "RHSA-2004:121", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "name": "CLA-2004:834", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "name": "SCOSA-2004.10", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "name": "20040304-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "name": "openssl-tls-dos(15509)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "name": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm", "refsource": "MISC", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "name": "FEDORA-2004-095", "refsource": "FEDORA", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "name": "57524", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "name": "oval:org.mitre.oval:def:871", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "name": "oval:org.mitre.oval:def:11755", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "name": "VU#465542", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/465542" }, { "name": "TA04-078A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "name": "GLSA-200403-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "name": "11139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11139" }, { "name": "RHSA-2004:120", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "name": "RHSA-2004:119", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "name": "oval:org.mitre.oval:def:902", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "name": "RHSA-2004:139", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "name": "2004-0012", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0012" }, { "name": "20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "name": "20040317 Cisco OpenSSL Implementation Vulnerability", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "name": "DSA-465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-465" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0081", "datePublished": "2004-03-18T05:00:00", "dateReserved": "2004-01-19T00:00:00", "dateUpdated": "2024-08-08T00:01:23.650Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2005-0759 (GCVE-0-2005-0759)
Vulnerability from cvelistv5
- n/a
▼ | URL | Tags |
---|---|---|
http://securitytracker.com/id?1013550 | vdb-entry, x_refsource_SECTRACK | |
http://www.securityfocus.com/bid/12875 | vdb-entry, x_refsource_BID | |
http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html | vendor-advisory, x_refsource_SUSE | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022 | vdb-entry, signature, x_refsource_OVAL | |
https://rhn.redhat.com/errata/RHSA-2005-070.html | vendor-advisory, x_refsource_REDHAT | |
http://www.debian.org/security/2005/dsa-702 | vendor-advisory, x_refsource_DEBIAN |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:28:27.132Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1013550", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1013550" }, { "name": "12875", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/12875" }, { "name": "SUSE-SA:2005:017", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "name": "oval:org.mitre.oval:def:11022", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022" }, { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "name": "DSA-702", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2005/dsa-702" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-03-23T00:00:00", "descriptions": [ { "lang": "en", "value": "ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "1013550", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1013550" }, { "name": "12875", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/12875" }, { "name": "SUSE-SA:2005:017", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "name": "oval:org.mitre.oval:def:11022", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022" }, { "name": "RHSA-2005:070", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "name": "DSA-702", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2005/dsa-702" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2005-0759", "datePublished": "2005-03-26T05:00:00", "dateReserved": "2005-03-17T00:00:00", "dateUpdated": "2024-08-07T21:28:27.132Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation:*:*:*:*:*:*:*", "matchCriteriaId": "C48F4DF4-8091-45D0-9F80-F760500B1202", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool." }, { "lang": "es", "value": "OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS." } ], "id": "CVE-2004-0081", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "source": "cve@mitre.org", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107955049331965\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108403850228012\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2004-119.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/465542" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15509" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11755" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A871" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A902" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0 | |
mozilla | mozilla | 1.0.1 | |
mozilla | mozilla | 1.0.2 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.1 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2 | |
mozilla | mozilla | 1.2.1 | |
mozilla | mozilla | 1.3 | |
mozilla | mozilla | 1.3.1 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4 | |
mozilla | mozilla | 1.4.1 | |
mozilla | mozilla | 1.4.2 | |
mozilla | mozilla | 1.4.4 | |
mozilla | mozilla | 1.5 | |
mozilla | mozilla | 1.6 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7 | |
mozilla | mozilla | 1.7.1 | |
mozilla | mozilla | 1.7.2 | |
mozilla | mozilla | 1.7.3 | |
mozilla | mozilla | 1.8 | |
sgi | propack | 3.0 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_1.0 | |
redhat | fedora_core | core_2.0 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 7.3 | |
redhat | linux | 9.0 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCDAEAE6-BA9F-4D40-B264-4A72930239E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A76ACC55-754D-4501-8312-5A4E10D053B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "53E60BCC-6D1C-489E-9F3B-9BE42B46704F", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C795D86F-9B08-41FE-B82B-5BBB3DE6357D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.1:beta:*:*:*:*:*:*", "matchCriteriaId": "2637D552-4A3D-4867-B52A-ACCED8681AF4", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CC237C8-CFE0-4128-B549-93CD16894E71", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:alpha:*:*:*:*:*:*", "matchCriteriaId": "6B8EA79A-8426-44CF-AF13-58F7EF8B6D88", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2:beta:*:*:*:*:*:*", "matchCriteriaId": "367A5D46-0FF3-4140-9478-251363822E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CAA58EE9-05C7-4395-A8A4-5F54BE4C5DAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C656A621-BE62-4BB8-9B25-A3916E60FA12", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8DE4889-424F-4A44-8C14-9F18821CE961", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4D3F91A1-7DD9-4146-8BA4-BE594C66DD30", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "82A6419D-0E94-4D80-8B07-E5AB4DBA2F28", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4:beta:*:*:*:*:*:*", "matchCriteriaId": "1003D688-3EEA-45F9-BB2C-5BAB395D7678", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED69BEB9-8D83-415B-826D-9D17FB67976B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "9AE678D7-812D-4C55-91B0-F3AC6BE0CD58", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "098458D4-635B-4A4D-9472-39370094E1ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "BCDB64E5-AE26-43DF-8A66-654D5D22A635", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "6BF63077-4E98-497D-8CE6-B84B022DB21D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "FCEAEDEB-0EE7-4221-B9B8-65438580D331", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*", "matchCriteriaId": "150F1B28-0FAB-4880-B1D5-7F244A1C4D31", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "2FE7EA3B-3BF8-4696-9488-78506074D62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "CCFD7AF7-0FE9-4F56-98B0-60FC7F7F1B78", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "C883B45F-D28D-428E-AAF7-F93522A229DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mozilla:mozilla:1.8:alpha2:*:*:*:*:*:*", "matchCriteriaId": "10349BA5-70D3-4D11-94F6-A77D8570CB06", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i686:*:*:*:*:*", "matchCriteriaId": "05853955-CA81-40D3-9A70-1227F3270D3C", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme." } ], "id": "CVE-2004-1613", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-10-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1011810" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11439" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://lcamtuf.coredump.cx/mangleme/gallery/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=109811406620511\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1011810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-323.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11439" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17805" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*", "matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*", "matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*", "matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*", "matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*", "matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*", "matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*", "matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*", "matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*", "matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*", "matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*", "matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*", "matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*", "matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*", "matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*", "matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*", "matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*", "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*", "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*", "matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*", "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*", "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*", "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*", "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*", "matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en la pila en la funci\u00f3n get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos o a usuarios locales ejecutar c\u00f3digo arbitrario mediante nombres de fichero o de directorio largos en un archivo LHA, lo que dispara el desbordamiento cuando se prueba o se extrae un fichero." } ], "id": "CVE-2004-0234", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19514" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1015866" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-515" }, { "source": "cve@mitre.org", "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5753" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/5754" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10243" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1220" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/19514" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015866" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-515" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5753" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/5754" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2006/1220" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sgi | propack | 3.0 | |
squirrelmail | squirrelmail | 1.0.4 | |
squirrelmail | squirrelmail | 1.0.5 | |
squirrelmail | squirrelmail | 1.2.0 | |
squirrelmail | squirrelmail | 1.2.1 | |
squirrelmail | squirrelmail | 1.2.2 | |
squirrelmail | squirrelmail | 1.2.3 | |
squirrelmail | squirrelmail | 1.2.4 | |
squirrelmail | squirrelmail | 1.2.5 | |
squirrelmail | squirrelmail | 1.2.6 | |
squirrelmail | squirrelmail | 1.2.7 | |
squirrelmail | squirrelmail | 1.2.8 | |
squirrelmail | squirrelmail | 1.2.9 | |
squirrelmail | squirrelmail | 1.2.10 | |
squirrelmail | squirrelmail | 1.2.11 | |
squirrelmail | squirrelmail | 1.4 | |
squirrelmail | squirrelmail | 1.4.1 | |
squirrelmail | squirrelmail | 1.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "67E9817E-FF56-4FD0-B6C7-F4EEB25AD0CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "5EBF40C5-6272-427C-97A1-3CE3B1D47B12", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A55A98B3-34ED-4A90-BB78-50CB56B1B51F", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC5143ED-D4C5-4830-9C96-0B54D03679CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B765AEC-09E9-456C-8B57-09927E55D119", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AAFC3B0-DCE3-4190-B279-E095C666FA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9291A565-0BD6-4B5E-B45F-9DE65AB8159D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B6F53A84-FC66-4963-A728-7285F63D4761", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "69A941FF-423E-49C5-AE1F-FE7ED016CA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "B34FDB1D-881B-4343-A76E-F23B93A0469A", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1E4DCB20-2A7F-4EE4-BAFA-AD74CD4456AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "052914F8-B52C-4AB4-8F85-68D788B588C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "617C554F-8E7D-4F8A-AF63-C193934C8215", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "15F11950-A2E4-4F57-BF87-57788B841A21", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php." }, { "lang": "es", "value": "Vulnerabilidad de inyecci\u00f3n de SQL en SquirrelMail anteriores a 1.4.3 RC1 permite a atacantes remotos ejecutar sentencias SQL no autorizadas, con impacto desconocido, probablemente mediante abook_database.php." } ], "id": "CVE-2004-0521", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108309375029888" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11685" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11686" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11870" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/12289" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-212.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6841" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/7148" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10397" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16235" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108309375029888" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11685" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11686" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/12289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-212.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/advisories/7148" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10397" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:lesstif:lesstif:0.93.94:*:*:*:*:*:*:*", "matchCriteriaId": "63A4B331-2868-46E3-9734-DC3AEFD2F756", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:x.org:x11r6:6.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "76FFBC43-2178-48DF-B61E-CCBA4682AC5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:x.org:x11r6:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "8F506308-E878-4AA5-B5D5-A7E148D63947", "vulnerable": true }, { "criteria": "cpe:2.3:a:x.org:x11r6:6.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D129D08C-AF18-4F9D-9781-64B8C1CFD65E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AE887A26-0590-40DE-ACE2-28A30E5228AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "23FF2D1C-D328-49BE-87CF-938FB533180B", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C104B02C-3F3B-4DB4-8A1D-65A7DAA380EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "BEECB0ED-A5C9-4675-9CEB-AD6C19EDA7D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "B43D5F86-97B2-4175-8ED7-1F937850F9DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:3.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "0946A224-6A0C-4DE3-89F9-200682431737", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F33E5444-E178-4F49-BDA1-DE576D8526EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1BCC09AA-AB01-4583-8052-66DBF0E1861D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "0E49FAA6-E146-4AD5-845E-9445C7D9F088", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "43425C85-806B-4823-AD74-D0A0465FC8DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "90FA67D9-8296-4534-8354-51B830DE3499", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "8A000C67-7EA3-47A7-9068-1C8744C182D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "25EDDB93-DD20-4DBE-962B-6334D5A7CB45", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AC4F566-5D54-4364-B5AA-F846A0C8FCEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F9D1BD9-4300-43B5-A87B-E2BF74E55C87", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.2.1:*:errata:*:*:*:*:*", "matchCriteriaId": "F4B7E143-E24B-40D2-897B-6D516566B7F9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "837EBF15-6C7D-46B8-8A90-9DFBF2C09FF3", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E859A205-0DC2-4E28-8FF0-72D66DE9B280", "vulnerable": true }, { "criteria": "cpe:2.3:a:xfree86_project:x11r6:4.3.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "F18E8C7B-53AC-4BC7-9E00-A70293172B58", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "F1D16230-3699-4AAA-9CAE-5CAF34628885", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow." } ], "id": "CVE-2005-0605", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-03-02T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" }, { "source": "cve@mitre.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/14460" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18049" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/18316" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/19624" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013339" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-723" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12714" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/92-1/" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/97-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.5/SCOSA-2006.5.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.57/SCOSA-2005.57.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060403-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83598" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=83655" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/14460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18316" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19624" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200503-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013339" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-723" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-044.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-198.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-331.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-412.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-473.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0261.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12714" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://bugs.freedesktop.org/attachment.cgi?id=1909" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10411" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/92-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/97-1/" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7E3834A3-8A7E-4914-A20C-EE694150D044", "vulnerable": true }, { "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "BD7E2792-B4BC-4C71-990D-0B7462919568", "vulnerable": true }, { "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "10F2FD22-4058-45D6-8352-0AA6382746C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "1BF103AE-6F15-4F2D-A375-F2AF91171EE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:graphicsmagick:graphicsmagick:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65929D5C-31B1-4A70-8E9C-AC6749332480", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A27CAC75-BFE8-4865-A6AE-20225BFCDBA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6393827E-8F17-4C95-B1E2-D6049B8AA63F", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "5717E4CF-15CD-4369-801F-7E113F0FAFB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A34B9CBD-54BC-4131-820F-9483E50086BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AD7EB24-20F1-493F-BD38-DF39638C319B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "5E62DFAA-1EFC-40D6-A4B5-9113DF0656B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D8BD0D69-A809-4DD3-824B-C68E3EF4F724", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "ABC271B0-ACAC-478E-B00B-FFBAAE33B5E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DF9BACC6-DEF1-4C20-B627-3AA55471B372", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CA96D5B-FD43-418E-980C-22DEBA4FC03D", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "B12378D7-6A7E-4636-9551-C224907A3219", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A55053EA-780E-46A9-91AE-F983DD54D154", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8168249B-863D-44E3-8BC3-B877A64981B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A688471B-3A88-410B-AAD3-20A75E1A767E", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "02F76B8D-D105-4106-B52C-FC201F5930AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EB7AE5B-83D9-4DF5-A9A0-B0412D8C0B1B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "600590DA-A2F4-488F-B85B-9B3B86A8FC6B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "0BB2E37B-323A-4336-B081-56BD32260E0B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "95AB4F80-4136-4007-8C33-E1C8A84C11B7", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "03ADE3A3-8FA5-439A-97ED-6EE93ED43699", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers." } ], "id": "CVE-2005-0005", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-05-02T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-646" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110608222117215\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-646" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-37.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://www.idefense.com/application/poi/display?id=184\u0026type=vulnerabilities" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-070.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-071.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9925" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
midnight_commander | midnight_commander | 4.5.40 | |
midnight_commander | midnight_commander | 4.5.41 | |
midnight_commander | midnight_commander | 4.5.42 | |
midnight_commander | midnight_commander | 4.5.43 | |
midnight_commander | midnight_commander | 4.5.44 | |
midnight_commander | midnight_commander | 4.5.45 | |
midnight_commander | midnight_commander | 4.5.46 | |
midnight_commander | midnight_commander | 4.5.47 | |
midnight_commander | midnight_commander | 4.5.48 | |
midnight_commander | midnight_commander | 4.5.49 | |
midnight_commander | midnight_commander | 4.5.50 | |
midnight_commander | midnight_commander | 4.5.51 | |
midnight_commander | midnight_commander | 4.5.52 | |
midnight_commander | midnight_commander | 4.5.55 | |
midnight_commander | midnight_commander | 4.6 | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
gentoo | linux | 0.5 | |
gentoo | linux | 0.7 | |
gentoo | linux | 1.1a | |
gentoo | linux | 1.2 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
slackware | slackware_linux | * | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*", "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*", "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*", "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*", "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*", "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*", "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*", "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*", "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*", "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*", "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*", "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*", "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*", "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*", "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." }, { "lang": "es", "value": "M\u00fatiples vulnerabilidades de cadena de formato en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n." } ], "id": "CVE-2004-0232", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16021" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sgi | propack | 3.0 | |
squirrelmail | squirrelmail | 1.0.4 | |
squirrelmail | squirrelmail | 1.0.5 | |
squirrelmail | squirrelmail | 1.2.0 | |
squirrelmail | squirrelmail | 1.2.1 | |
squirrelmail | squirrelmail | 1.2.2 | |
squirrelmail | squirrelmail | 1.2.3 | |
squirrelmail | squirrelmail | 1.2.4 | |
squirrelmail | squirrelmail | 1.2.5 | |
squirrelmail | squirrelmail | 1.2.6 | |
squirrelmail | squirrelmail | 1.2.7 | |
squirrelmail | squirrelmail | 1.2.8 | |
squirrelmail | squirrelmail | 1.2.9 | |
squirrelmail | squirrelmail | 1.2.10 | |
squirrelmail | squirrelmail | 1.2.11 | |
squirrelmail | squirrelmail | 1.4 | |
squirrelmail | squirrelmail | 1.4.1 | |
squirrelmail | squirrelmail | 1.4.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "67E9817E-FF56-4FD0-B6C7-F4EEB25AD0CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "5EBF40C5-6272-427C-97A1-3CE3B1D47B12", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A55A98B3-34ED-4A90-BB78-50CB56B1B51F", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC5143ED-D4C5-4830-9C96-0B54D03679CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B765AEC-09E9-456C-8B57-09927E55D119", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AAFC3B0-DCE3-4190-B279-E095C666FA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9291A565-0BD6-4B5E-B45F-9DE65AB8159D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B6F53A84-FC66-4963-A728-7285F63D4761", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "69A941FF-423E-49C5-AE1F-FE7ED016CA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "B34FDB1D-881B-4343-A76E-F23B93A0469A", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1E4DCB20-2A7F-4EE4-BAFA-AD74CD4456AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "052914F8-B52C-4AB4-8F85-68D788B588C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "617C554F-8E7D-4F8A-AF63-C193934C8215", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "15F11950-A2E4-4F57-BF87-57788B841A21", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php." }, { "lang": "es", "value": "Multiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en SquirrelMail 1.4.2 permiten a atacantes remotos ejecutar script de su elecci\u00f3n como otro usuario y posiblemente robar informaci\u00f3n de autenticaci\u00f3n mediante m\u00faltiples vectores de ataque, incluyendo el par\u00e1metro mailbox en compose.php." } ], "id": "CVE-2004-0519", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108334862800260" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11531" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11686" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11870" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://secunia.com/advisories/12289" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/361857" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10246" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16025" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108334862800260" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11531" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11686" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://secunia.com/advisories/12289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-16.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_19_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/361857" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10246" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
gnu | mailman | 1.0 | |
gnu | mailman | 1.1 | |
gnu | mailman | 2.0 | |
gnu | mailman | 2.0 | |
gnu | mailman | 2.0 | |
gnu | mailman | 2.0 | |
gnu | mailman | 2.0.1 | |
gnu | mailman | 2.0.2 | |
gnu | mailman | 2.0.3 | |
gnu | mailman | 2.0.4 | |
gnu | mailman | 2.0.5 | |
gnu | mailman | 2.0.6 | |
gnu | mailman | 2.0.7 | |
gnu | mailman | 2.0.8 | |
gnu | mailman | 2.0.9 | |
gnu | mailman | 2.0.10 | |
gnu | mailman | 2.0.11 | |
gnu | mailman | 2.0.12 | |
gnu | mailman | 2.0.13 | |
gnu | mailman | 2.1 | |
sgi | propack | 2.3 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:mailman:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "46CF8999-445E-4E03-89F1-81669F9F93D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "1D965E3E-E08C-40EA-AF66-470F473F0262", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "64179C1D-C96F-431F-AD80-CBCA77CB9E53", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "EC6B30F6-70A8-43C7-BA5C-6DD8A6ED829D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "767101D3-ABB0-4D34-AA28-75F78A392F39", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "BEB60D06-E9D0-4949-8542-334D180F491D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F884774-D1A1-42A6-A3FE-9B0500725666", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C56B981-FD66-46F2-806A-3FFDEC520482", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5E3E1994-6CAC-48E9-8438-0D894A76FE66", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DB8742B0-A91D-457D-BF57-06AFC5219BF9", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6F04EDBE-4B04-4B4C-A2BE-5286AC7C8952", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "615566E3-9EBD-49B3-9727-0883D3F0334B", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F59D0CCF-3CD0-4D99-B1F1-38F331422801", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "FADF5CE8-D072-4CFE-8A96-BA86187B478B", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "72278005-5F2A-4459-8813-DF7EC2D1F063", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "4E39A909-E266-4BA9-87C6-DE26052433E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "ABA16FD9-0625-4D3D-9F10-130A28C88DA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "EE33EFBF-E155-4C3B-93CC-63AA1266A8A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "78F2FB70-7EB9-4AA7-9E85-C151C3CC8104", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B1D6A976-FFEA-4DB6-B002-8036E778C78E", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands." }, { "lang": "es", "value": "Vulnerabilidad desconocida en el manejador de instrucciones por correo en Mailman anteriores a 2.0.14 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante instrucciones de correo electr\u00f3nico malformadas." } ], "id": "CVE-2003-0991", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-03-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-436" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-019.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9620" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-019.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9620" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
imagemagick | imagemagick | 5.3.3 | |
imagemagick | imagemagick | 5.3.8 | |
imagemagick | imagemagick | 5.4.3 | |
imagemagick | imagemagick | 5.4.4.5 | |
imagemagick | imagemagick | 5.4.7 | |
imagemagick | imagemagick | 5.4.8 | |
imagemagick | imagemagick | 5.4.8.2.1.1.0 | |
imagemagick | imagemagick | 5.5.3.2.1.2.0 | |
imagemagick | imagemagick | 5.5.4 | |
imagemagick | imagemagick | 5.5.6 | |
imagemagick | imagemagick | 5.5.6.0_2003-04-09 | |
imagemagick | imagemagick | 5.5.7 | |
imagemagick | imagemagick | 6.0 | |
imagemagick | imagemagick | 6.0.1 | |
imagemagick | imagemagick | 6.0.2 | |
imagemagick | imagemagick | 6.0.2.5 | |
imagemagick | imagemagick | 6.0.3 | |
imagemagick | imagemagick | 6.0.4 | |
imagemagick | imagemagick | 6.0.5 | |
imagemagick | imagemagick | 6.0.6 | |
imagemagick | imagemagick | 6.0.7 | |
imagemagick | imagemagick | 6.0.8 | |
imagemagick | imagemagick | 6.1 | |
imagemagick | imagemagick | 6.1.1.6 | |
imagemagick | imagemagick | 6.1.2 | |
imagemagick | imagemagick | 6.1.3 | |
imagemagick | imagemagick | 6.1.4 | |
imagemagick | imagemagick | 6.1.5 | |
imagemagick | imagemagick | 6.1.6 | |
imagemagick | imagemagick | 6.1.7 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "04A019EA-DB16-41D5-A625-CBD96F24416E", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "2D1F61BB-FF5B-4196-8723-AA165B077E36", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "B02E4063-E2B2-4EC5-9864-D2FB3E73F574", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*", "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "A27CAC75-BFE8-4865-A6AE-20225BFCDBA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6393827E-8F17-4C95-B1E2-D6049B8AA63F", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "46F682CD-0117-4770-877F-1F3903BAFE04", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "5717E4CF-15CD-4369-801F-7E113F0FAFB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "A34B9CBD-54BC-4131-820F-9483E50086BB", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "7AD7EB24-20F1-493F-BD38-DF39638C319B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "5E62DFAA-1EFC-40D6-A4B5-9113DF0656B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D8BD0D69-A809-4DD3-824B-C68E3EF4F724", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "ABC271B0-ACAC-478E-B00B-FFBAAE33B5E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DF9BACC6-DEF1-4C20-B627-3AA55471B372", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "8CA96D5B-FD43-418E-980C-22DEBA4FC03D", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "B12378D7-6A7E-4636-9551-C224907A3219", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "A55053EA-780E-46A9-91AE-F983DD54D154", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8168249B-863D-44E3-8BC3-B877A64981B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A688471B-3A88-410B-AAD3-20A75E1A767E", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "02F76B8D-D105-4106-B52C-FC201F5930AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EB7AE5B-83D9-4DF5-A9A0-B0412D8C0B1B", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:6.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "600590DA-A2F4-488F-B85B-9B3B86A8FC6B", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file." } ], "id": "CVE-2005-0761", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-03-23T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013550" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12876" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11150" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:avaya:call_management_system_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "618B807E-29B5-4CD0-BBA2-E20E45AC192D", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:call_management_system_server:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E9C378A-2151-45D1-A7EC-1F27E794D878", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:call_management_system_server:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "18D3AF16-3591-44FB-B3F8-E92DAA8FA936", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:call_management_system_server:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "80FF4D54-3E14-42CA-9FC6-2534B3F00903", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:call_management_system_server:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "53D3C3D9-D54C-4D6C-9D82-7653445680C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:cvlan:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FE82341-3E73-4F5B-BD9E-06C83F22E831", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:integrated_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "D12D6986-429E-4152-A6E5-4CC1FB9556D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:interactive_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EE68944-C31D-4B49-BC8F-07944E0E82AA", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:interactive_response:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3427704B-08E7-4B33-B4F0-071EFA4FAE9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:interactive_response:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C70755CC-4FF4-4E0E-9CFC-71F50FCC854E", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix_lx:*:*:*:*:*:*:*:*", "matchCriteriaId": "12D21889-2F4E-460B-AA92-4E910B7CBBDA", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "2A7379DC-AF87-436C-9942-8CC5CF781918", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "3A2B0D82-C75B-43EB-9DD1-4270B8BE52A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "06819549-ECD7-4568-BB15-C0A226A65F91", "vulnerable": true }, { "criteria": "cpe:2.3:a:f5:icontrol_service_manager:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "72EA2403-F428-407E-B32E-C8D5792B4DB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "CCA5EEB8-9D2C-49A9-BB08-CE5017B79D81", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "261FAE51-5207-4136-9FFE-2330A281266C", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B32C83B9-F7DA-450A-A687-9A73734CD712", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "9485283A-B73E-4567-914A-42A86F5FFCB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "95892168-0FB6-4E3F-9303-2F9B3CF60D2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "A5021564-5E0A-4DDC-BC68-200B6050043E", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "19AA66E5-FDDD-4243-B945-DFEBDD25F258", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "62F359CD-5DC4-4919-B8E1-95BDDBD27EFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2C8C550-3313-4266-B4B3-E9E9047CFE04", "vulnerable": true }, { "criteria": "cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "ABEEBA7B-81D5-4148-912B-9AD448BBE741", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:avaya:mn100:*:*:*:*:*:*:*:*", "matchCriteriaId": "D073442B-D7E7-4E07-AF2D-E22FE65B09A9", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "BFDADE04-29F0-446B-824B-0518880CF0A0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "ED9BE602-A740-4CF7-9CAF-59061B16AB31", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "33E698C1-C313-40E6-BAF9-7C8F9CF02484", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "421079DA-B605-4E05-9454-C30CF7631CF4", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "93B734BA-3435-40A9-B22B-5D56CEB865A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4B57B3E-B1B2-4F13-99D3-4F9DB3C07B5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "30897327-44DD-4D6C-B8B6-2D66C44EA55D", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B79D8F73-2E78-4A67-96BB-21AD9BCB0094", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "1E997653-C744-4F1F-9948-47579AB3BED3", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DF5A416A-F198-4B9C-8221-D36CC8A7FE5C", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "384C130F-D1A9-4482-AF20-FC81933473A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "3CA6BD2A-3022-408D-8E4F-50865996E965", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "463D5628-7536-4029-99D6-5E525050059E", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "69A39B11-1C23-4A6C-B4C5-AEC40836F173", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "78D48FD1-CB91-4310-9432-A4365FA67B11", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "750C6C37-8460-4ED8-83AD-ACAF993E4A6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E25F5CF2-F891-41CA-A40C-13966F72FDF8", "vulnerable": true }, { "criteria": "cpe:2.3:o:avaya:modular_messaging_message_storage_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7417958C-5321-41D6-9D1A-D16BF5511E81", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A06E5CD0-8BEC-4F4C-9E11-1FEE0563946C", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.0:*:amd64:*:*:*:*:*", "matchCriteriaId": "A3BDD466-84C9-4CFC-A3A8-7AC0F752FB53", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:unixware:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "059218D3-A3AD-4A10-9AA4-FBB689321D90", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*", "matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*", "matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "7BF232A9-9E0A-481E-918D-65FC82EF36D8", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:10.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0C0C3793-E011-4915-8F86-CE622A2D37D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow." } ], "id": "CVE-2004-1307", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/539110" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2005/May/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities\u0026flashstatus=true" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/539110" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA05-136A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11175" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "This issue was resolved in all affected libtiff versions as shipped with Red Hat Enterprise Linux 2.1, 3, and 4 via a patch for CVE-2004-0886. For updates containing patches for CVE-2004-0886, see: https://rhn.redhat.com/errata/CVE-2004-0886.html", "lastModified": "2008-08-12T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
ethereal_group | ethereal | 0.10.1 | |
ethereal_group | ethereal | 0.10.2 | |
ethereal_group | ethereal | 0.10.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors." }, { "lang": "es", "value": "El diseccionador AIM en Ethereal 0.10.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (fallo en aserci\u00f3n) mediante vectores de ataque desconocidos." } ], "id": "CVE-2004-0505", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11608" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11776" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11836" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010158" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "cve@mitre.org", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6132" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16150" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9433" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A986" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6132" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16150" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9433" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A986" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "83C48EC3-D0BA-4A5D-93B0-6931CB3587AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB461B6B-B731-4732-AAD0-191BE50189D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "19961880-D38A-4785-A7C5-879A061119BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "831705D2-C4DE-475F-B908-8859064AFB38", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "A4622585-20E2-46E9-B773-74729FF22EEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "E86ADCB6-0940-4CB9-85F1-A7694210FB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "042B6289-D2E2-4369-BB40-EA6EE7025D23", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "C93D7B7E-F5F9-44A2-A87B-4A16634DEDAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "F0A48938-30B8-4403-B08A-177FFCB9054B", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "C9A33AA4-CABF-4B6B-8688-8C1BD36D6649", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "67B81EFD-27C1-411C-AFF3-E5340627E3BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "680934CF-7F9B-41E4-AA03-ECD96F477AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "6F1F3D3E-A6D6-4C1A-8BC6-5579C19A7A45", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "3BCF3AFF-ED4D-40F6-A2DD-04C0A6D3BD64", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "DBCCE368-64E6-4CEC-B068-9B8BA2527289", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "CF5374A4-5194-45FD-895D-B04FDC7E853C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "matchCriteriaId": "4038BC6D-DE51-4F1C-A25C-CD7FC6CE8CF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "338CEFD7-EBC0-43FB-B482-9A3D0834447E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "F5A659C0-2CDA-44EF-9D5F-0A57B3F14E5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "FB12CA01-E0EA-4E84-802F-CC52268D65FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "9704EC6E-7219-41FC-BE00-CD91A246C61E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "2B93B95E-F295-468C-A6A2-5AA6DE729E52", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files." } ], "id": "CVE-2004-1145", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110356286722875\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13586" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/420222" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20041220-1.txt" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:154" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-065.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18596" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110356286722875\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13586" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.heise.de/security/dienste/browsercheck/tests/java.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/420222" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20041220-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-065.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18596" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10173" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:utempter:utempter:0.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "E720990E-7705-49FD-9254-88C22F261E11", "vulnerable": true }, { "criteria": "cpe:2.3:a:utempter:utempter:0.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C4196D87-419F-495F-96AB-4D3CAB37C70D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files." }, { "lang": "es", "value": "Utempter permite nombres de dispositivo que contengan secuencias de cruce de directorios \"..\" (punto punto), lo que permite a usuarios locles sobreesciribir ficheros de su elecci\u00f3n mediante un ataque de enlaces simb\u00f3licos en nombres de dispositivos en combinaci\u00f3n con una aplicaci\u00f3n que conf\u00ede en ficheros utmp o wtmp." } ], "id": "CVE-2004-0233", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200405-05.xml" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-174.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-175.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10178" }, { "source": "cve@mitre.org", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200405-05.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1000752.1-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-174.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-175.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10178" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15904" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10115" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A979" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:3:sp6:*:*:*:*:*:*", "matchCriteriaId": "26D173E9-0C91-42B9-8321-45EDACCC01BF", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "SGI ProPack 3 SP6 kernel displays the frame buffer contents of the last session after a reboot, which might allow local users to obtain sensitive information." }, { "lang": "es", "value": "El n\u00facleo de SGI ProPack 3 SP6 muestra los contenidos del marco de b\u00fafer de la \u00faltima sesi\u00f3n despu\u00e9s de reiniciar, lo cual podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible." } ], "evaluatorComment": "The attacker must read the contents of the screen after a reboot and before the screen contents can be cleared by anything.", "id": "CVE-2006-1167", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.2, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 1.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-02-06T22:28:00.000", "references": [ { "source": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" }, { "source": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "url": "http://secunia.com/advisories/19607" }, { "source": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "url": "http://www.osvdb.org/24571" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19607" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24571" } ], "sourceIdentifier": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
metamail_corporation | metamail | * | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*", "matchCriteriaId": "62602141-B1CA-484C-97CC-4E85F34EC8C1", "versionEndIncluding": "2.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafe en Metamail 2.7 y anteriores permiten a atacantes remtos ejecutar c\u00f3digo arbitrario." } ], "id": "CVE-2004-0105", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-03-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10908" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-449" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/513062" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/9692" }, { "source": "cve@mitre.org", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-449" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/513062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/9692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15247" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15258" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka \"Infinite CPU spins.\"" } ], "id": "CVE-2005-3625", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:enscript:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "39EAF297-5A25-4ACC-B904-A3FBBDCCC142", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "0EDCE031-29D1-4F98-BF92-24E12CA6CE45", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "B899B3C7-9D38-44E8-A2C5-A7B2A3C87C97", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "4E366EE3-E642-4C8D-9C8A-C39D1575D125", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "C04B03C2-C586-4495-B8E4-D5DECCFA2684", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "24957DD9-A63D-4982-B417-1AF27F005AE0", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:enscript:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "574D0C28-047F-49B0-BBAE-5DA861939F7F", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters." } ], "id": "CVE-2004-1184", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-01-21T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/35074" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1012965" }, { "source": "cve@mitre.org", "url": "http://support.apple.com/kb/HT3549" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-654" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/12329" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/68-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/35074" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1012965" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.apple.com/kb/HT3549" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-654" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:033" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-040.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/419768/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/435199/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/12329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2009/1297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9658" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/68-1/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows." } ], "id": "CVE-2005-3624", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
washington_university | wu-ftpd | 2.4.1 | |
washington_university | wu-ftpd | 2.4.2_beta2 | |
washington_university | wu-ftpd | 2.4.2_beta18 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr4 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr5 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr6 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr7 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr8 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr9 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr10 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr11 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr12 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr13 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr14 | |
washington_university | wu-ftpd | 2.4.2_beta18_vr15 | |
washington_university | wu-ftpd | 2.4.2_vr16 | |
washington_university | wu-ftpd | 2.4.2_vr17 | |
washington_university | wu-ftpd | 2.5.0 | |
washington_university | wu-ftpd | 2.6.0 | |
washington_university | wu-ftpd | 2.6.1 | |
washington_university | wu-ftpd | 2.6.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "28E5257A-F5ED-482C-9A0B-3B576513E7D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta2:*:academ:*:*:*:*:*", "matchCriteriaId": "833542E5-B4E7-4995-95C9-E012AE13902D", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18:*:academ:*:*:*:*:*", "matchCriteriaId": "C63ACBE3-5BB2-483E-A5FE-87698E98354A", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr4:*:*:*:*:*:*:*", "matchCriteriaId": "B39D46C4-B153-4301-AE9C-57FB6BA64CD9", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr5:*:*:*:*:*:*:*", "matchCriteriaId": "E55582DD-DEF7-4BF8-950C-E7E58BD29DE5", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr6:*:*:*:*:*:*:*", "matchCriteriaId": "FF9B9132-19A1-4242-A129-E5A49F466EA2", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr7:*:*:*:*:*:*:*", "matchCriteriaId": "4B9E32F3-06CF-482D-8313-3D098CDE8B6B", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr8:*:*:*:*:*:*:*", "matchCriteriaId": "0A096214-84AD-44F5-BBEF-F9F17B9B0C43", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr9:*:*:*:*:*:*:*", "matchCriteriaId": "4989799F-143A-45E5-A30C-9E3203649770", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr10:*:*:*:*:*:*:*", "matchCriteriaId": "1E3D0CC6-D1A0-4784-BE93-319C7EE59134", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr11:*:*:*:*:*:*:*", "matchCriteriaId": "4FA32489-F098-43D2-80B7-89CFE0BE9A3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr12:*:*:*:*:*:*:*", "matchCriteriaId": "91C6388E-464B-4562-BC7B-7B4A66387B30", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr13:*:*:*:*:*:*:*", "matchCriteriaId": "923B5711-853D-4A77-8FB3-D5C3D449518D", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr14:*:*:*:*:*:*:*", "matchCriteriaId": "9BB1B136-F90E-426B-8010-F2D059E89DBE", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_beta18_vr15:*:*:*:*:*:*:*", "matchCriteriaId": "CD9EFCD7-2A13-420E-B6A0-C1248B2E6E2F", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr16:*:*:*:*:*:*:*", "matchCriteriaId": "573486C8-0349-4BC9-AD7D-3FBF93DDB6AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.4.2_vr17:*:*:*:*:*:*:*", "matchCriteriaId": "CAD81A30-9C35-4EEA-B6FE-A4AC76893AC6", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "473E71DD-F779-4F93-838A-AD6768BB8DFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "C5E9B738-E8DF-4FE7-B4A5-91DE46A9CF8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7196CF2D-8CCC-454A-A2C1-6408A9D636C5", "vulnerable": true }, { "criteria": "cpe:2.3:a:washington_university:wu-ftpd:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D851CEBD-4FE5-46D9-99BD-CA3F3235B2E6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead." }, { "lang": "es", "value": "wu-ftpd 2.6.2 y anteriores, con la opci\u00f3n restricted-gid activada, permite a usuarios locales saltarse restricciones de acceso cambiando los permisos para impedir el acceso a su directorio home, lo que hace que wu-ftpd use el directorio ra\u00edz en su lugar." } ], "id": "CVE-2004-0148", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-04-15T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11055" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/20168" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-457" }, { "source": "cve@mitre.org", "url": "http://www.frsirt.com/english/advisories/2006/1867" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9832" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108999466902690\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11055" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20168" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102356-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-457" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.frsirt.com/english/advisories/2006/1867" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-096.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9832" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1636" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1637" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A648" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A045971-8756-47E8-9044-C39D08B36F1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAA95881-7231-4FDA-AF73-04DF9FF0B64C", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "62B7F6AD-EDBD-4B09-BDB2-795ED114F2AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F045AB7B-1551-46E5-A5CC-BF13C1BB49F4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "44E85930-3AAD-420B-8E3E-AEC57344F6C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "52FD4485-BCA2-485A-A0CF-F8152C9DBFA5", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7CF53BE4-FE2D-4D63-BD0F-A423D0FE3BE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "00993464-BE09-4691-B3F0-51BBA9FB80C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.2_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "896AB39E-2078-4BA2-9522-477BD5F98FD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB9279EC-47CF-45F1-B4CC-B2B332E82E34", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E7300C3E-8105-4C23-89B9-7D29CED18C15", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "90C59DB2-48DA-4172-A1F5-25CF3B5097AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "715F4E0B-7E4B-4520-A987-9B3ED3136B75", "vulnerable": true }, { "criteria": "cpe:2.3:a:lite:speed_technologies_litespeed_web_server:1.3_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "9CA1F606-C558-40FD-9300-6E2796F47BA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "EA1C4B3C-5701-4233-BA94-28915713F9C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "28D9F8D7-698A-486A-918A-7DB5CAFBB3CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "D125C2A0-A4B5-48D6-A38A-54755C3FDF4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0F85F672-0F21-4AD7-8620-13D82F2ECC22", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "89070041-613A-4F7B-BD6A-C6091D21FC52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D9A71933-4BD5-4B11-8B14-D997E75F29CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B6BE11D-FC02-4950-A554-08CC9D8B1853", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A53FD0E1-9BAA-43F0-BCC9-0BE8D4356F55", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B80ADAE8-94D4-46A4-A5ED-FF134D808B52", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "69FA0221-5073-4D45-950F-119497B53FED", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "C4AE5B43-7C90-4C2A-A215-30F5EC5841C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "2CC1A110-B203-4962-8E1A-74BD98121AF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A92C4D-B024-4D39-9479-409C39586F64", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E7E0C4F5-CF02-4FF6-AE9B-5B6B70D5C067", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E8998CC-E372-46D0-8339-47DC8D92D253", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF131FDC-BF8D-4A17-99F0-444EB900E83D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "880811B3-E78E-456E-972E-DE733F368576", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "22411F18-2B93-405A-A3B5-2CF0A04977C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C71188B7-E6DC-41E5-B619-367341113501", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "07491444-0196-4504-A971-A5E388B86BBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "72BC6CD2-3291-4E69-8DC6-F3AB853F8931", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "CD43EDDF-58A7-4705-B8C7-FD76C35A437D", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A7C2E603-568F-40F6-9A7C-439E2A51B37F", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonegate_vpn_client:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "703421A7-E8C5-450B-97EF-FD9D99D4B834", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference." }, { "lang": "es", "value": "La funci\u00f3n do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (ca\u00edda) mediante una h\u00e1bil uni\u00f3n SSL/TLS que provoca un puntero nulo." } ], "id": "CVE-2004-0079", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17381" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17398" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17401" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/18247" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://fedoranews.org/updates/FEDORA-2004-095.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17381" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/17401" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/18247" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-239.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://support.lexmark.com/index?page=content\u0026id=TE88\u0026locale=EN\u0026userlocale=EN_US" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2004/dsa-465" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/288574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00087.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-139.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-829.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-830.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15505" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2621" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5770" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A975" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9779" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "nvd@nist.gov", "type": "Primary" }, { "description": [ { "lang": "en", "value": "CWE-476" } ], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
xmlsoft | libxml | 1.8.17 | |
xmlsoft | libxml2 | 2.4.19 | |
xmlsoft | libxml2 | 2.4.23 | |
xmlsoft | libxml2 | 2.5.4 | |
xmlsoft | libxml2 | 2.5.10 | |
xmlsoft | libxml2 | 2.5.11 | |
xmlsoft | libxml2 | 2.6.0 | |
xmlsoft | libxml2 | 2.6.1 | |
xmlsoft | libxml2 | 2.6.2 | |
xmlsoft | libxml2 | 2.6.3 | |
xmlsoft | libxml2 | 2.6.4 | |
xmlsoft | libxml2 | 2.6.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*", "matchCriteriaId": "E7C0B552-67E9-48E5-ABFB-AF0CD6DA46FE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "9087E4FE-661F-4803-BB3B-09D2699265E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "81EDD077-5183-4588-8DB1-93A0597AAA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FFC48A66-7D1F-4446-BC50-6C1A1DF819E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "D463EC3C-88F1-46D9-ADB6-6283DC23B0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "43F8E361-E6D3-4666-B18D-928D550FD5D2", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6948CD9-8489-46BA-9159-24C842490702", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "35C43087-760E-482A-B34E-141A29AC57A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "669211F7-90EA-47AB-A787-34DD79DF8E25", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "025B16D8-1023-4D47-BADD-C1E838B47D88", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "320E691F-D417-4D81-A223-C46FEFFD908A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3B06B40-327D-4EFA-AD19-DA1CA7D50B4F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en los m\u00f3dulos (1) nanohttp o (2) nanoftp en XMLSoft Libxml2 2.6.0 a 2.6.5 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una URL larga." } ], "id": "CVE-2004-0110", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-03-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107851606605420\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107860178228804\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-090.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10958/" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200403-01.xml" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-086.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-455" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/493966" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-091.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-650.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9718" }, { "source": "cve@mitre.org", "url": "http://www.xmlsoft.org/news.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15301" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15302" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107851606605420\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107860178228804\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-090.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10958/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200403-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-086.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-455" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/493966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-091.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-650.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9718" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.xmlsoft.org/news.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15301" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15302" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11626" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A833" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A875" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
ethereal_group | ethereal | 0.10.1 | |
ethereal_group | ethereal | 0.10.2 | |
ethereal_group | ethereal | 0.10.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients." }, { "lang": "es", "value": "Ethereal 0.10.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante ciertos mensajes SIP entre servidores y clientes Hostip." } ], "id": "CVE-2004-0504", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11608" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11776" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11836" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010158" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "cve@mitre.org", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "cve@mitre.org", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6131" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16148" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9769" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A982" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/lists/ethereal-users/200405/msg00018.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6131" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16148" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9769" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A982" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
gnome | gdkpixbuf | 0.18 | |
gnome | gdkpixbuf | 0.20 | |
redhat | gdk_pixbuf | 0.18.0-7 | |
redhat | gdk_pixbuf | 0.18.0-7 | |
redhat | gdk_pixbuf | 0.18.0-7 | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnome:gdkpixbuf:0.18:*:*:*:*:*:*:*", "matchCriteriaId": "8A45519F-F073-4722-B40D-C29C0862ED2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gdkpixbuf:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "202DC858-A31A-4790-80CA-16F033E1B7FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386:*:*:*:*:*", "matchCriteriaId": "EDE27CA5-B42B-4995-AEFF-490627A65DCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "29A9C121-ECB3-4EC2-8EAD-654E10F88359", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_gnome:*:*:*:*:*", "matchCriteriaId": "3426C3E8-DDD3-4CCE-8AE9-819D414A757D", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file." }, { "lang": "es", "value": "gdk-pixbuf anteiores a 0.20 permite a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda) mediante un fichero de mapa de bits (BMP) malformado." } ], "id": "CVE-2004-0111", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-04-15T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-464" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9842" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-102.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-103.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9842" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=2005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A845" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A846" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
gnu | glibc | 2.3.2 | |
gnu | zebra | 0.91a | |
gnu | zebra | 0.92a | |
gnu | zebra | 0.93a | |
gnu | zebra | 0.93b | |
quagga | quagga_routing_software_suite | 0.96.2 | |
sgi | propack | 2.2.1 | |
sgi | propack | 2.3 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | linux_advanced_workstation | 2.1 | |
intel | ia64 | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAADC158-B7EF-4135-B383-0DA43065B43E", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "B4422632-71AE-4E7F-8684-EC63F9B05F50", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "06039EBD-0C90-42C9-B182-9A59A7A3075A", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "01D1D224-8BD6-46AD-AA75-5457A2E007A0", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "FDEEAC68-6442-4E82-B072-491ED94EE6D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga_routing_software_suite:0.96.2:*:*:*:*:*:*:*", "matchCriteriaId": "435E018F-DDB1-4909-B808-A45315AFECE8", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8AB7B969-1093-46A9-AA8D-0C28F138C4D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:intel:ia64:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A94B8E3-D6A5-4061-885C-DDA14E00E63A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface." }, { "lang": "es", "value": "La funci\u00f3n getifaddres en GNU libc (glibc) 2.2.4 y anteriores permite a usuarios locales causar una denegaci\u00f3n de servicio enviando mensajes suplantando a otros usuarios al interfaz del kernel netlink." } ], "id": "CVE-2003-0859", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-325.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2003-334.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-325.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2003-334.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11337" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", "matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", "matchCriteriaId": "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", "matchCriteriaId": "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", "matchCriteriaId": "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", "matchCriteriaId": "D1163535-583A-4504-BE7B-8919143CDF9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "766053F7-A174-4716-BF49-76B50FC79FD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7D2623F-167A-4976-B757-DAC4CCFAFE64", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAEC4477-D040-450E-A850-8B03C937A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "2848AA51-9AF1-448D-955F-50B5203F7229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B66BE64-E340-4777-B877-483FEAA66988", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "46B96764-9241-4586-9FA5-77D8D8EBE3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:current:*:*:*:*:*:*:*", "matchCriteriaId": "D342447B-5233-45FD-B1CF-8D84921402AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:freebsd:freebsd:1.1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "C496B665-70DA-4B98-A5D1-E2935C0CE840", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1F098C1-D09E-49B4-9B51-E84B6C4EA6CD", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "34797660-41F5-4358-B70F-2A40DE48F182", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "27C9E23D-AB82-4AE1-873E-C5493BB96AA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF8F9B2F-E898-4F87-A245-32A41748587B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "183667CA-6DF1-4BFB-AE32-9ABF55B7283A", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "EBDDEC3F-52EB-4E1E-84C4-B472600059EC", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B58E02AE-38B4-466E-BF73-2F0B80AF7BA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "3928D5CF-6FC0-434C-8A80-ABDBF346C2C9", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "314BA420-4C74-4060-8ACE-D7A7C041CF2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "2EAD7613-A5B3-4621-B981-290C7C6B8BA0", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "D1CA3337-9BEE-49C5-9EDE-8CDBE5580537", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE38C50A-81FE-412E-9717-3672FAE6A6F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*", "matchCriteriaId": "A0A3F7B6-2878-40C0-B59C-EBA8D171D2F7", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "263F3734-7076-4EA8-B4C0-F37CFC4E979E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0419DD66-FF66-48BC-AD3B-F6AFD0551E36", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "C3518628-08E5-4AD7-AAF6-A4E38F1CDE2C", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "B982342C-1981-4C55-8044-AFE4D87623DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "47E02BE6-4800-4940-B269-385B66AC5077", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5:stable:*:*:*:*:*:*", "matchCriteriaId": "0EB09993-B837-4352-B09D-3656F62638A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C283AD7-1C58-4CE8-A6CD-502FFE0B18BB", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0361EA35-FBD7-4E8F-8625-C8100ED7BB7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:3.5.1:stable:*:*:*:*:*:*", "matchCriteriaId": "29EAA113-2404-4ABB-826B-3AA2AA858D02", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D0A585A1-FF82-418F-90F8-072458DB7816", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "E3F7EB61-55A5-4776-B0E7-3508920A6CEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*", "matchCriteriaId": "A442DE97-4485-4D95-B95D-58947585E455", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AE31DFF8-06AB-489D-A0C5-509C090283B5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3BE1E3D8-2BB1-4FFA-9BC9-7AF347D26190", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:release:*:*:*:*:*:*", "matchCriteriaId": "1E8A6564-129A-4555-A5ED-6F65C56AE7B4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.1.1:stable:*:*:*:*:*:*", "matchCriteriaId": "237174A4-E030-4A0B-AD0B-5C463603EAA4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF49BF03-C25E-4737-84D5-892895C86C58", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.2:stable:*:*:*:*:*:*", "matchCriteriaId": "5D7F8F11-1869-40E2-8478-28B4E946D3CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2019E0E-426B-43AF-8904-1B811AE171E8", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release:*:*:*:*:*:*", "matchCriteriaId": "9062BAB5-D437-49BE-A384-39F62434B70B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*", "matchCriteriaId": "3BA1504C-14FE-4C21-A801-944041F2946F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*", "matchCriteriaId": "21B69535-4FB6-4FAD-AAA6-C790FF82EFAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.3:stable:*:*:*:*:*:*", "matchCriteriaId": "6E53C673-9D6D-42C8-A502-033E1FC28D97", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "55C5FC1A-1253-4390-A4FC-573BB14EA937", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*", "matchCriteriaId": "6F4AC452-6042-409D-8673-ACAD108EE3B5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*", "matchCriteriaId": "2FE1009B-371A-48E2-A456-935A1F0B7D0D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.4:stable:*:*:*:*:*:*", "matchCriteriaId": "C844A170-B5A7-4703-AF3B-67366D44EA8B", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "44308D13-D935-4FF8-AB52-F0E115ED1AD2", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release:*:*:*:*:*:*", "matchCriteriaId": "3D41CB12-7894-4D25-80EC-23C56171D973", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*", "matchCriteriaId": "9BCD9C12-EDAB-473F-9CC5-04F06B413720", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*", "matchCriteriaId": "58EBC5C8-5CA8-4881-A036-179FDEBA3CA4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.5:stable:*:*:*:*:*:*", "matchCriteriaId": "09789843-6A1A-4CDB-97E8-89E82B79DDB5", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*", "matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*", "matchCriteriaId": "58288F0F-B4CE-445C-AD93-DA73E3AD6FC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*", "matchCriteriaId": "CC96FBA9-6A65-4CC7-BE68-ADAF450ABE21", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*", "matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "4AB4AD26-6AF2-4F3A-B602-F231FAABA73E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release:*:*:*:*:*:*", "matchCriteriaId": "E5612FB0-8403-4A7E-B89A-D7BDFAC00078", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*", "matchCriteriaId": "FA699BB4-94AA-40E6-A6B6-33E3D416CDA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*", "matchCriteriaId": "AFDA151E-E614-4A24-A34D-B6D5309110CC", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:stable:*:*:*:*:*:*", "matchCriteriaId": "A7818E11-1BEB-4DAA-BA7A-A278454BA4B3", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:pre-release:*:*:*:*:*:*", "matchCriteriaId": "09BFA20B-2F31-4246-8F74-63DF1DB884EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*", "matchCriteriaId": "5F3B4BA2-8A61-4F9A-8E46-7FA80E7F5514", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*", "matchCriteriaId": "4AE93D3D-34B4-47B7-A784-61F4479FF5A2", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:releng:*:*:*:*:*:*", "matchCriteriaId": "E6288144-0CD7-45B6-B5A7-09B1DF14FBE8", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.10:*:*:*:*:*:*:*", "matchCriteriaId": "9FFD9D1C-A459-47AD-BC62-15631417A32F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.10:release:*:*:*:*:*:*", "matchCriteriaId": "4ECDEC87-0132-46B6-BD9B-A94F9B669EAA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.10:releng:*:*:*:*:*:*", "matchCriteriaId": "43E84296-9B5C-4623-A2C4-431D76FC2765", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "3B13D898-C1B6-44B9-8432-7DDB8A380E9E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*", "matchCriteriaId": "51A612F6-E4EB-4E34-8F55-79E16C74758E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*", "matchCriteriaId": "5C19B266-8FE7-49ED-8678-2D522257491D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "15C4D826-A419-45F5-B91C-1445DB480916", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*", "matchCriteriaId": "FEC7B38F-C6FB-4213-AE18-2D039A4D8E7A", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:releng:*:*:*:*:*:*", "matchCriteriaId": "8E4BC012-ADE4-468F-9A25-261CD8055694", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:current:*:*:*:*:*:*:*", "matchCriteriaId": "0370727F-1E37-4B82-8969-A2AC644632E8", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line." } ], "evaluatorImpact": "Failed exploit attempts will likely cause a denial of service condition.", "id": "CVE-2004-1471", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-31T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/10499" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/10499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16365" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
ethereal_group | ethereal | 0.10.1 | |
ethereal_group | ethereal | 0.10.2 | |
ethereal_group | ethereal | 0.10.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en el diseccionador de MSSE de Ethereal 1.10.1 a 0.10.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n." } ], "id": "CVE-2004-0507", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2004-234.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11608" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11776" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11836" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010158" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6134" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/10347" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16152" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11026" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A988" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2004-234.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6134" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/10347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16152" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A988" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:sysstat:4.0.7-3:*:i386:*:*:*:*:*", "matchCriteriaId": "AD0995DA-F1DF-433D-A97B-1D02570ED787", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "128E5519-B592-4A74-A0AE-70FF6C758E92", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF8EA77A-0502-4CE1-8AF6-B9FCE3A3B61A", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "44DF02DE-E9E2-48FB-ADEB-86CD6BFD6AF1", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F593D32F-D836-4CC6-B597-6847889CDB59", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "816C2A5C-06BE-4DFB-8982-1A9FCE5FA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2A2198E1-5725-410B-B7E7-35749CA32A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "EBE7138C-0258-4306-88EE-852CF9EF6605", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "496B269B-8B6D-44DF-BCC1-CF48C85B3B18", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1DA6DACA-FC70-475F-8585-1799D5F74386", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107." }, { "lang": "es", "value": "El \u00fatil isag, que procesa datos de sysstat, permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlaces simb\u00f3licos en ficheros temporales, una vulnverabilidad distinta de CAN-2004-0107." } ], "id": "CVE-2004-0108", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-04-15T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-460" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9844" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9844" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15437" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://marc.info/?l=bugtraq&m=106883387304266&w=2 | ||
cve@mitre.org | http://secunia.com/advisories/10563 | Vendor Advisory | |
cve@mitre.org | http://www.debian.org/security/2004/dsa-415 | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-305.html | Patch, Vendor Advisory | |
cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-307.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=106883387304266&w=2 | ||
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/10563 | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2004/dsa-415 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-305.html | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-307.html | Patch, Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:zebra:0.91a:*:*:*:*:*:*:*", "matchCriteriaId": "B4422632-71AE-4E7F-8684-EC63F9B05F50", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.92a:*:*:*:*:*:*:*", "matchCriteriaId": "06039EBD-0C90-42C9-B182-9A59A7A3075A", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.93a:*:*:*:*:*:*:*", "matchCriteriaId": "01D1D224-8BD6-46AD-AA75-5457A2E007A0", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnu:zebra:0.93b:*:*:*:*:*:*:*", "matchCriteriaId": "FDEEAC68-6442-4E82-B072-491ED94EE6D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga:*:*:*:*:*:*:*:*", "matchCriteriaId": "1115C0CE-AA9B-4B11-A2D5-6F5F5ED043E1", "versionEndIncluding": "0.96.3", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga:0.95:*:*:*:*:*:*:*", "matchCriteriaId": "CD7A8AD5-A315-4242-960C-05E792B30547", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga:0.96:*:*:*:*:*:*:*", "matchCriteriaId": "6B83BCE2-24D0-4B5B-A034-62BFF1894AE2", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga:0.96.1:*:*:*:*:*:*:*", "matchCriteriaId": "FDD63DD9-1809-4CEC-AB69-955A7B127CA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:quagga:quagga:0.96.2:*:*:*:*:*:*:*", "matchCriteriaId": "0A2AD1AD-DDE2-477B-8EFD-767B6FD8EDBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8AB7B969-1093-46A9-AA8D-0C28F138C4D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference." }, { "lang": "es", "value": "La capa vty en Quagga anteriores a 0.96.4, y Zebra anteriores a 0.91, no verifica si se est\u00e1 llevando a cabo una sub-negociaci\u00f3n cuando procesa el marcador SE, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante un comando telnet malformado al puerto telnet CLI, lo que puede disparar una desreferencia de memoria nula." } ], "id": "CVE-2003-0795", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2003-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=106883387304266\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/10563" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-415" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-305.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-307.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=106883387304266\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/10563" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-415" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-305.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2003-307.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ascii:ptex:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4AE020D3-0F38-4F53-AFB7-B4E98EAC659F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cstex:cstetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E16058D9-AC8B-4A7C-865F-93B476348363", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "68BD578F-CCAD-4515-9205-EB4F297C6DB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.0.4_8:*:*:*:*:*:*:*", "matchCriteriaId": "F3182CA2-7375-43BC-A0E5-DE11D4B65EE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCF4C8D0-3030-4DD5-800B-76A582A4CD0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "734D0C2C-F71F-461A-87EE-202C6B706753", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_2:*:*:*:*:*:*:*", "matchCriteriaId": "3F0F402D-5CD0-4477-8B59-C753CECB02BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_3:*:*:*:*:*:*:*", "matchCriteriaId": "959F7AFA-ED20-434C-993F-06C2A8574662", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.4_5:*:*:*:*:*:*:*", "matchCriteriaId": "D4F5A0A4-2884-46CA-A846-8B954EB80CFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "1741CC9D-C4A8-48F9-86CF-EC20AE2A6BE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "35E65857-12C7-49DE-AD27-3CACD456231C", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "47CEF035-57A6-470B-916A-E5562C28E866", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "4E26BB15-4CF8-4496-A7F7-EB34C444EF72", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "D414984E-4F6B-4278-8346-968587E4B18E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "33C36DCB-2FDD-44E6-85E8-875575AAE69E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "7C4B7C23-0C54-4FBA-A774-9CC1E148376E", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "9FA0EF14-33E6-4D44-B86E-F04014EA3C8F", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.17:*:*:*:*:*:*:*", "matchCriteriaId": "A5428EE6-F90A-4BB6-9D8C-8B99E80AB6DF", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.18:*:*:*:*:*:*:*", "matchCriteriaId": "A786A770-919E-4E23-949D-D836F316618A", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19:*:*:*:*:*:*:*", "matchCriteriaId": "00A2249C-73DE-434E-A41F-4EDB0ADC0845", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.19_rc5:*:*:*:*:*:*:*", "matchCriteriaId": "73AB4D3D-FF35-4A50-A144-3AD41F6F2E55", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.20:*:*:*:*:*:*:*", "matchCriteriaId": "FB7653F1-70E2-423F-A6A9-30333644B506", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.110:*:*:*:*:*:*:*", "matchCriteriaId": "1CB6AE42-D493-43E5-A97C-76C8450E5881", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.112:*:*:*:*:*:*:*", "matchCriteriaId": "2E70576E-C253-4F8B-A93E-14CC2EE7114D", "vulnerable": true }, { "criteria": "cpe:2.3:a:gnome:gpdf:0.131:*:*:*:*:*:*:*", "matchCriteriaId": "832C5512-B473-40E8-BF4F-EC6ABFE46749", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "053435DD-BFDF-4C39-9919-11C42D569085", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E9BB1A3C-3348-4545-A513-E504B33F72AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD45E2C8-0B0E-484F-8050-94BF77798183", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "4EAA654E-9DD4-4614-92D7-EF4D676B3A18", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta1:*:*:*:*:*:*:*", "matchCriteriaId": "89C96FC9-40DB-467D-A701-49F97A1B887D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta2:*:*:*:*:*:*:*", "matchCriteriaId": "76128BDC-2CA7-4AE7-8C4F-BCB3835CA938", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.3_beta3:*:*:*:*:*:*:*", "matchCriteriaId": "0B2517C7-27EF-4961-91C3-CA33219AFF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32a:*:*:*:*:*:*:*", "matchCriteriaId": "EE346726-71D6-438B-B600-A7E107332816", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.32b:*:*:*:*:*:*:*", "matchCriteriaId": "87E85020-B4DB-4011-BDD0-1C8967D45A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33:*:*:*:*:*:*:*", "matchCriteriaId": "8189A9AB-F685-40E2-944F-8BD3DD6FA0A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.33a:*:*:*:*:*:*:*", "matchCriteriaId": "C33B8585-FA5F-4210-A997-615BCEE1726F", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.34:*:*:*:*:*:*:*", "matchCriteriaId": "F4AE4C34-C497-426F-AC0D-1805A50582EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.35:*:*:*:*:*:*:*", "matchCriteriaId": "A2989EFF-07B9-4EF2-B6C1-59E4F52FDC92", "vulnerable": true }, { "criteria": "cpe:2.3:a:pdftohtml:pdftohtml:0.36:*:*:*:*:*:*:*", "matchCriteriaId": "A3970101-5E83-49FD-BCB6-D9176D46B5A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "739A56F5-B19A-4B92-B9CB-04ECE4FFE204", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*", "matchCriteriaId": "28CC6233-E207-40CC-81FF-A8670EEA4295", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.91:*:*:*:*:*:*:*", "matchCriteriaId": "64DD9B5C-3DB8-4E15-B4A6-541E4E221C1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.92:*:*:*:*:*:*:*", "matchCriteriaId": "0304E1E3-8766-40D0-8879-A652B4E9E72D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:0.93:*:*:*:*:*:*:*", "matchCriteriaId": "188F1343-8082-4B54-8DA4-E344818ABD52", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "B95DA7DE-B786-4EE7-A3F4-C077A7986D5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.0a:*:*:*:*:*:*:*", "matchCriteriaId": "C5306C05-4A71-4175-8C22-F2DE0F2FE4C4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3B9DEF16-ECD5-4BBE-8986-52A6171B3D9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CFFDBEEC-B2C1-47F0-82D3-FC9147B590A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "354487CF-0086-4AE2-872B-0032E3EB89EE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "1169B802-7279-437F-AF59-621A67DC92EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:sgi:advanced_linux_environment:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A05AC3EE-6292-4ECC-9680-048A12FCE723", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "82F69843-978D-4686-BC5B-1D09DA4A21BD", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "ACEE0AED-7918-41E9-A902-AC4070E03132", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "81E19472-47B4-4398-A188-CA5A5D3E7060", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "D17407A2-089E-43A5-9BD5-EFF966F5CC16", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "9C4B436D-8D6A-473E-B707-26147208808B", "vulnerable": true }, { "criteria": "cpe:2.3:o:kde:kde:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E26B353-4985-4116-B97A-5767CDC732F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities." }, { "lang": "es", "value": "El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podr\u00eda dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales." } ], "id": "CVE-2005-0206", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-04-27T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:042" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:043" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:044" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:052" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-057.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-213.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11501" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17818" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11107" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
mit | kerberos | 1.0 | |
mit | kerberos | 1.0.8 | |
mit | kerberos | 1.2.2.beta1 | |
mit | kerberos_5 | 1.0 | |
mit | kerberos_5 | 1.0.6 | |
mit | kerberos_5 | 1.1 | |
mit | kerberos_5 | 1.1.1 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2 | |
mit | kerberos_5 | 1.2.1 | |
mit | kerberos_5 | 1.2.2 | |
mit | kerberos_5 | 1.2.3 | |
mit | kerberos_5 | 1.2.4 | |
mit | kerberos_5 | 1.2.5 | |
mit | kerberos_5 | 1.2.6 | |
mit | kerberos_5 | 1.2.7 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3 | |
mit | kerberos_5 | 1.3.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
sun | seam | 1.0 | |
sun | seam | 1.0.1 | |
sun | seam | 1.0.2 | |
tinysofa | tinysofa_enterprise_server | 1.0 | |
tinysofa | tinysofa_enterprise_server | 1.0_u1 | |
sun | solaris | 8.0 | |
sun | solaris | 9.0 | |
sun | solaris | 9.0 | |
sun | sunos | 5.8 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:mit:kerberos:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ACC18A69-28AC-4DED-AA9D-B050709A9D43", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "85336612-6B0A-46B0-B2E2-FF60A4D4DD01", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos:1.2.2.beta1:*:*:*:*:*:*:*", "matchCriteriaId": "D65D5B46-F8BD-41C4-86F2-D495F1EB4F47", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "08FA60A9-10E1-4ACD-819C-17801FAD7671", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E8973E93-0BBE-4BD3-9983-F6480FFEA228", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A37987D-22F9-47AC-A07A-380F7E509BFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E47F0770-67D7-42EE-A1AD-9D5B5E83BF2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BE8C0C82-749E-4837-88F8-FB56A753B094", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:*", "matchCriteriaId": "4EA5E4B3-AD02-4E87-822B-8A6C91DA65FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:*", "matchCriteriaId": "1A0B70C1-476D-4FAF-BA96-CB3EB32B7BC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8AD672FA-918D-48CB-BC03-4E412AF0DCCC", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D0B363A4-BB7A-48A2-AE6B-BD2DDD46E7CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "74EF42A5-EC47-4475-81D6-FD1E9C2B8A3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "30F2CBEF-6FA1-4E07-8163-6AFEDC93FCE5", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D133CB0D-8A54-4DAA-9FE8-0B367544DE65", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "7B2C23BD-1995-4F09-B444-87DDDE21817E", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "EEF118BE-6351-4768-A3F0-DFE0065273D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7F01A83F-3BD1-4DED-979A-B4B6B23039FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:*", "matchCriteriaId": "6B1422F8-CC87-46EA-8649-A12D6E47335D", "vulnerable": true }, { "criteria": "cpe:2.3:a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F953CEBA-BAC0-48DF-A3D0-1FABCC9963E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:sun:seam:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "401CA0B3-2C25-4E6A-B0A0-C5AC4E69F14A", "vulnerable": true }, { "criteria": "cpe:2.3:a:sun:seam:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "111DAAB7-2309-4951-85F1-866D2D532528", "vulnerable": true }, { "criteria": "cpe:2.3:a:sun:seam:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD6C1EDF-259A-4DE1-9E43-35671FBA9662", "vulnerable": true }, { "criteria": "cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A407E66E-FC1D-45E8-81C7-126472F5E7B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:tinysofa:tinysofa_enterprise_server:1.0_u1:*:*:*:*:*:*:*", "matchCriteriaId": "83A54042-FC1E-4DE9-BA3A-8839131E32BC", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*", "matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*", "matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7", "vulnerable": true }, { "criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en krb5_aname_to_localname en MIT Kerberos 5 (krb5) 1.3.3 y anteriores permite a atacantes remtos ejecutar c\u00f3digo de su elecci\u00f3n como root" } ], "id": "CVE-2004-0523", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000860" }, { "source": "cve@mitre.org", "url": "http://lwn.net/Articles/88206/" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108612325909496\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108619161815320\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108619250923790\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-520" }, { "source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/686862" }, { "source": "cve@mitre.org", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-236.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/10448" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000860" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lwn.net/Articles/88206/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108612325909496\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108619161815320\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108619250923790\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101512-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-520" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-21.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/686862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-236.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/10448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16268" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2002" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A724" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A991" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
imagemagick | imagemagick | 5.3.3 | |
imagemagick | imagemagick | 5.3.8 | |
imagemagick | imagemagick | 5.4.3 | |
imagemagick | imagemagick | 5.4.4.5 | |
imagemagick | imagemagick | 5.4.7 | |
imagemagick | imagemagick | 5.4.8 | |
imagemagick | imagemagick | 5.4.8.2.1.1.0 | |
imagemagick | imagemagick | 5.5.3.2.1.2.0 | |
imagemagick | imagemagick | 5.5.4 | |
imagemagick | imagemagick | 5.5.6 | |
imagemagick | imagemagick | 5.5.6.0_2003-04-09 | |
imagemagick | imagemagick | 5.5.7 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D83FADC-4C7F-4C16-BBAA-9883D7449744", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "04A019EA-DB16-41D5-A625-CBD96F24416E", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "B45B5EE8-00FB-46FE-9A26-7468AD30B540", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "6534A963-C0A7-47D6-8E1B-B8D0F3933428", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "1FD06A99-7CBF-4593-9EA1-5D1A800D8C38", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "8BDC9494-E79B-4497-8413-A44DF326ABB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.4.8.2.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "563F49AC-D60F-4E00-9E0D-7EDAA2FFFCD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.3.2.1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BDB0628-9BFD-4262-886C-E971EC262134", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "2D1F61BB-FF5B-4196-8723-AA165B077E36", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "B02E4063-E2B2-4EC5-9864-D2FB3E73F574", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.6.0_2003-04-09:*:*:*:*:*:*:*", "matchCriteriaId": "F4CEEBE6-7CE6-4E1B-8828-EDD64EA3A338", "vulnerable": true }, { "criteria": "cpe:2.3:a:imagemagick:imagemagick:5.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "193A610A-5E5E-4A87-A501-902100D1C2AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag." } ], "id": "CVE-2005-0759", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-03-23T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013550" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-702" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12875" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013550" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2005/dsa-702" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.novell.com/linux/security/advisories/2005_17_imagemagick.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12875" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11022" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://rhn.redhat.com/errata/RHSA-2005-070.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp5:*:*:*:*:*:*", "matchCriteriaId": "033079D4-3D40-4C10-A1F4-F4551A73EAE5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "94897983-0425-4F6C-B962-F15A187371C4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in arshell in the Array Service (arrayd) for SGI ProPack 3 with SP 5 and 6, and SGI ProPack 4, allows local users to execute arbitrary shells as root on other hosts in the cluster or array." } ], "id": "CVE-2005-1859", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-07-12T04:00:00.000", "references": [ { "source": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "url": "ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc" }, { "source": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "url": "http://securitytracker.com/id?1014454" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20050701-01-P.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014454" } ], "sourceIdentifier": "bc94ec7e-8909-4cbb-83df-d2fc9330fa88", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
midnight_commander | midnight_commander | 4.5.40 | |
midnight_commander | midnight_commander | 4.5.41 | |
midnight_commander | midnight_commander | 4.5.42 | |
midnight_commander | midnight_commander | 4.5.43 | |
midnight_commander | midnight_commander | 4.5.44 | |
midnight_commander | midnight_commander | 4.5.45 | |
midnight_commander | midnight_commander | 4.5.46 | |
midnight_commander | midnight_commander | 4.5.47 | |
midnight_commander | midnight_commander | 4.5.48 | |
midnight_commander | midnight_commander | 4.5.49 | |
midnight_commander | midnight_commander | 4.5.50 | |
midnight_commander | midnight_commander | 4.5.51 | |
midnight_commander | midnight_commander | 4.5.52 | |
midnight_commander | midnight_commander | 4.5.55 | |
midnight_commander | midnight_commander | 4.6 | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
gentoo | linux | 0.5 | |
gentoo | linux | 0.7 | |
gentoo | linux | 1.1a | |
gentoo | linux | 1.2 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
slackware | slackware_linux | * | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*", "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*", "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*", "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*", "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*", "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*", "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*", "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*", "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*", "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*", "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*", "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*", "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*", "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*", "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code." }, { "lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer en Midnight Commander (mc) anteriores a 4.6.0 pueden permitir a atacantes causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo arbitrario." } ], "id": "CVE-2004-0226", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16016" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
larry_wall | perl | 5.8.0 | |
larry_wall | perl | 5.8.1 | |
larry_wall | perl | 5.8.3 | |
larry_wall | perl | 5.8.4 | |
larry_wall | perl | 5.8.4.1 | |
larry_wall | perl | 5.8.4.2 | |
larry_wall | perl | 5.8.4.2.3 | |
larry_wall | perl | 5.8.4.3 | |
larry_wall | perl | 5.8.4.4 | |
larry_wall | perl | 5.8.4.5 | |
sgi | propack | 3.0 | |
ibm | aix | 5.2 | |
ibm | aix | 5.3 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | fedora_core | core_3.0 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.0 | |
suse | suse_linux | 8.1 | |
suse | suse_linux | 8.2 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.0 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
trustix | secure_linux | 1.5 | |
trustix | secure_linux | 2.0 | |
trustix | secure_linux | 2.1 | |
trustix | secure_linux | 2.2 | |
ubuntu | ubuntu_linux | 4.1 | |
ubuntu | ubuntu_linux | 4.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D30E072-9E6A-49B4-A5C7-63A328598A68", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "434F0580-985F-42AF-BA10-FAB7E2C23ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "18B179E0-C843-46C9-AAD2-78E998175E41", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "AD5E5A51-ED4C-4927-8C4D-502E79391E19", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "171C82CB-2E92-4D41-B1B1-DCFE929E8270", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "25633253-D9DE-41F0-A787-D0E8B2B3B9F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "AEDF9611-E4E2-4059-B45E-D3A61AC9DB47", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "49A9D197-D889-4BE4-BE7A-2EE9536A7498", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "D0A4538C-3870-431E-A225-D8523D77A4E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:larry_wall:perl:5.8.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "C8233B3A-E09D-425B-B1A1-65CD170FD384", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B", "vulnerable": true }, { "criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "39605B96-BAD6-45C9-BB9A-43D6E2C51ADD", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "A67735E5-E43E-4164-BDB2-ADC6E0288E9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree." } ], "id": "CVE-2005-0156", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-02-07T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056" }, { "source": "cve@mitre.org", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/14120" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/55314" }, { "source": "cve@mitre.org", "url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-103.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-105.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12426" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001056" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fedoranews.org/updates/FEDORA--.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=110737149402683\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=full-disclosure\u0026m=110779721503111\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/14120" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/55314" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-103.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-105.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12426" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.trustix.org/errata/2005/0003/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19208" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10803" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
ipsec-tools | ipsec-tools | 0.3.3 | |
ipsec-tools | ipsec-tools | 0.5 | |
kame | racoon | 2003-07-11 | |
kame | racoon | 2004-04-05 | |
kame | racoon | 2004-04-07b | |
kame | racoon | 2004-05-03 | |
kame | racoon | 2005-01-03 | |
kame | racoon | 2005-01-10 | |
kame | racoon | 2005-01-17 | |
kame | racoon | 2005-01-24 | |
kame | racoon | 2005-01-31 | |
kame | racoon | 2005-02-07 | |
kame | racoon | 2005-02-14 | |
kame | racoon | 2005-02-21 | |
kame | racoon | 2005-02-28 | |
kame | racoon | 2005-03-07 | |
sgi | propack | 3.0 | |
altlinux | alt_linux | 2.3 | |
altlinux | alt_linux | 2.3 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 3.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux | 4.0 | |
redhat | enterprise_linux_desktop | 3.0 | |
redhat | enterprise_linux_desktop | 4.0 | |
suse | suse_linux | * | |
suse | suse_linux | * | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.1 | |
suse | suse_linux | 9.2 | |
suse | suse_linux | 9.2 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7AB016E3-49FE-4ADF-8D4A-479D0D1C5AF1", "vulnerable": true }, { "criteria": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C5630CFB-58BF-4B58-90AB-B44793D91FE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2003-07-11:*:*:*:*:*:*:*", "matchCriteriaId": "F311F249-417C-4514-A144-E21A57078574", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2004-04-05:*:*:*:*:*:*:*", "matchCriteriaId": "AC1BA7DD-5218-41A0-9D5F-79A45D22A2A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2004-04-07b:*:*:*:*:*:*:*", "matchCriteriaId": "92E51298-8789-44B0-B64F-6D8D90034404", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2004-05-03:*:*:*:*:*:*:*", "matchCriteriaId": "75ABB0EA-A057-486E-BD66-3378B28545BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-01-03:*:*:*:*:*:*:*", "matchCriteriaId": "7EA01A84-6D57-4EC1-8E8B-29989E786101", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-01-10:*:*:*:*:*:*:*", "matchCriteriaId": "44076976-AF46-4181-93B6-F85982185A9A", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-01-17:*:*:*:*:*:*:*", "matchCriteriaId": "BE031420-9E80-48FC-BB65-92D890A7F688", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-01-24:*:*:*:*:*:*:*", "matchCriteriaId": "3C34FC11-088E-408D-98B1-DA6F61547FC1", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-01-31:*:*:*:*:*:*:*", "matchCriteriaId": "FF541C23-0158-45FE-8F8C-C353874E0090", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-02-07:*:*:*:*:*:*:*", "matchCriteriaId": "B37581BA-4F83-4940-8EF4-91575BF37B1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-02-14:*:*:*:*:*:*:*", "matchCriteriaId": "C044E7C0-F7DF-476D-B58A-9C5493F03BD9", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-02-21:*:*:*:*:*:*:*", "matchCriteriaId": "52DAA449-31DC-49F0-83AF-15AA8C318585", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-02-28:*:*:*:*:*:*:*", "matchCriteriaId": "E0298AF2-5267-4EE6-B2C4-9C53C3E89A62", "vulnerable": true }, { "criteria": "cpe:2.3:a:kame:racoon:2005-03-07:*:*:*:*:*:*:*", "matchCriteriaId": "4DE6D48A-FCF8-4DE1-A2E8-A163D3219827", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*", "matchCriteriaId": "81B543F9-C209-46C2-B0AE-E14818A6992E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "DB89C970-DE94-4E09-A90A-077DB83AD156", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:*:*:desktop:*:*:*:*:*", "matchCriteriaId": "81E1499C-E73C-4630-B45B-02C38B7AE90D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:*:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "059EC93D-0F3F-4FC2-9878-0DB2756B951B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets." } ], "id": "CVE-2005-0398", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-03-14T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/14584" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200503-33.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013433" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=6787713\u0026forum_id=32000" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:062" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-232.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12804" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2005/0264" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966\u0026action=view" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19707" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/14584" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200503-33.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://securitytracker.com/id?1013433" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=6787713\u0026forum_id=32000" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:062" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-232.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/12804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2005/0264" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966\u0026action=view" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19707" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:redhat:sysstat:4.0.7-3:*:i386:*:*:*:*:*", "matchCriteriaId": "AD0995DA-F1DF-433D-A97B-1D02570ED787", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "128E5519-B592-4A74-A0AE-70FF6C758E92", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "BF8EA77A-0502-4CE1-8AF6-B9FCE3A3B61A", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "44DF02DE-E9E2-48FB-ADEB-86CD6BFD6AF1", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F593D32F-D836-4CC6-B597-6847889CDB59", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "816C2A5C-06BE-4DFB-8982-1A9FCE5FA6D7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2A2198E1-5725-410B-B7E7-35749CA32A4B", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "EBE7138C-0258-4306-88EE-852CF9EF6605", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:4.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "496B269B-8B6D-44DF-BCC1-CF48C85B3B18", "vulnerable": true }, { "criteria": "cpe:2.3:a:sysstat:sysstat:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "1DA6DACA-FC70-475F-8585-1799D5F74386", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The (1) post and (2) trigger scripts in sysstat 4.0.7 and earlier allow local users to overwrite arbitrary files via symlink attacks on temporary files, a different vulnerability than CVE-2004-0108." }, { "lang": "es", "value": "Los scrpits (1) post y (2) trigger en sysstat 4.0.7 y anteriores permiten a usuarios locales sobreescribir ficheros arbitrarios mediante ataques de enlaces simb\u00f3licos en ficheros temporales, una vulnerabilidad distinta de CAN-2004-0108." } ], "id": "CVE-2004-0107", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-04-15T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-097.shtml" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/6884" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-093.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9838" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15428" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040302-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-097.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/6884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-053.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-093.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9838" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10737" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A849" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A862" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
open_webmail | open_webmail | 2.30 | |
open_webmail | open_webmail | 2.31 | |
open_webmail | open_webmail | 2.32 | |
sgi | propack | 3.0 | |
squirrelmail | squirrelmail | 1.2.0 | |
squirrelmail | squirrelmail | 1.2.1 | |
squirrelmail | squirrelmail | 1.2.2 | |
squirrelmail | squirrelmail | 1.2.3 | |
squirrelmail | squirrelmail | 1.2.4 | |
squirrelmail | squirrelmail | 1.2.5 | |
squirrelmail | squirrelmail | 1.2.6 | |
squirrelmail | squirrelmail | 1.2.7 | |
squirrelmail | squirrelmail | 1.2.8 | |
squirrelmail | squirrelmail | 1.2.9 | |
squirrelmail | squirrelmail | 1.2.10 | |
squirrelmail | squirrelmail | 1.2.11 | |
squirrelmail | squirrelmail | 1.4 | |
squirrelmail | squirrelmail | 1.4.1 | |
squirrelmail | squirrelmail | 1.4.2 | |
squirrelmail | squirrelmail | 1.4.3_rc1 | |
squirrelmail | squirrelmail | 1.5_dev |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*", "matchCriteriaId": "9FCF6241-3F7C-4867-8D2E-CCA1BEFCA9D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.31:*:*:*:*:*:*:*", "matchCriteriaId": "EC478ABF-19F8-4195-AA37-23668E2474EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*", "matchCriteriaId": "E3A87C77-5F6E-497D-A6A0-7D68D5E27E33", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A55A98B3-34ED-4A90-BB78-50CB56B1B51F", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC5143ED-D4C5-4830-9C96-0B54D03679CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B765AEC-09E9-456C-8B57-09927E55D119", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AAFC3B0-DCE3-4190-B279-E095C666FA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9291A565-0BD6-4B5E-B45F-9DE65AB8159D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B6F53A84-FC66-4963-A728-7285F63D4761", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "69A941FF-423E-49C5-AE1F-FE7ED016CA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "B34FDB1D-881B-4343-A76E-F23B93A0469A", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1E4DCB20-2A7F-4EE4-BAFA-AD74CD4456AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "052914F8-B52C-4AB4-8F85-68D788B588C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "617C554F-8E7D-4F8A-AF63-C193934C8215", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "15F11950-A2E4-4F57-BF87-57788B841A21", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.5_dev:*:*:*:*:*:*:*", "matchCriteriaId": "49EA7F58-14C6-4860-B276-46C9FCF91B2E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados en Squirrelmail 1.2.10 y anteriores permiten a atacantes remotos inyectar HTML o script de su elecci\u00f3n mediante (1) la variable $mailer en read_body.php, (2) la variable $senderNames_part en mailbox_display.php, y posiblemente otros vectores,incluyendo (3) la variable $event_text." } ], "id": "CVE-2004-0639", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10450" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16285" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10450" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16285" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "B9CAFC15-178C-4176-9668-D4A04B63E77B", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "3C8D6949-89F4-40EF-98F4-8D15628DC345", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:1.1_\\(3.005\\):*:*:*:*:*:*:*", "matchCriteriaId": "F3DB2AEE-FB5C-42B7-845B-EDA3E58D5D68", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:firewall_services_module:2.1_\\(0.208\\):*:*:*:*:*:*:*", "matchCriteriaId": "6479D85C-1A12-486D-818C-6679F415CA26", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:aaa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "287CF5FA-D0EC-4FD7-9718-973587EF34DF", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.00:*:*:*:*:*:*:*", "matchCriteriaId": "C88168D4-7DB5-4720-8640-400BB680D0FD", "vulnerable": true }, { "criteria": "cpe:2.3:h:hp:apache-based_web_server:2.0.43.04:*:*:*:*:*:*:*", "matchCriteriaId": "968915A1-375B-4C69-BE11-9A393F7F1B0F", "vulnerable": true }, { "criteria": "cpe:2.3:h:symantec:clientless_vpn_gateway_4400:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "11465DCA-72E5-40E9-9D8E-B3CD470C47E9", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "3954D0D1-9FDF-47D0-9710-D0FB06955B8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3D6712BD-DE8F-40F5-AC74-B9EFE9A50CFA", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:converged_communications_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E586558A-ABC3-42EB-8B4D-DC92A0D695E6", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A4C5F60-B32D-4D85-BA28-AE11972ED614", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg200:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "6A5935C3-3D83-461F-BC26-E03362115C42", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "80AC523B-3106-46F2-B760-803DCF8061F4", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg203:4.31.29:*:*:*:*:*:*:*", "matchCriteriaId": "F8B8D6F3-D15D-489F-A807-17E63F4831F2", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:*:*:*:*:*:*:*:*", "matchCriteriaId": "808189BA-197F-49CE-933E-A728F395749C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg208:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "32DCFA7B-7BBB-465A-A4AD-7E18EE3C02DC", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CC7EF0CD-EA39-457B-8E2E-9120B65A5835", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7BC2983F-5212-464B-AC21-8A897DEC1F58", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:sg5:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "EBF17989-D1F2-4B04-80BD-CFABDD482ABA", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF2D00AC-FA2A-4C39-B796-DC19072862CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E8BCD1C5-1AFC-4287-9AFD-81FB3F4F9E54", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*", "matchCriteriaId": "2D33C6EF-DBE1-4943-83E4-1F10670DAC6E", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:4.9:*:*:*:*:*:*:*", "matchCriteriaId": "00EAEA17-033A-4A50-8E39-D61154876D2F", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4EE93350-92E6-4F5C-A14C-9993CFFDBCD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*", "matchCriteriaId": "0D9F2B04-A1F2-4788-A53D-C8274A758DDA", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*", "matchCriteriaId": "9A5309ED-D84F-4F52-9864-5B0FEEEE5022", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DD7C441E-444B-4DF5-8491-86805C70FB99", "vulnerable": true }, { "criteria": "cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*", "matchCriteriaId": "C9CCE8F3-84EE-4571-8AAA-BF2D132E9BD4", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:8.05:*:*:*:*:*:*:*", "matchCriteriaId": "31B1ADC1-9B6D-4B5E-A05A-D69599A3A0D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F", "vulnerable": true }, { "criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*", "matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AC46909F-DDFC-448B-BCDF-1EB343F96630", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1E140F76-D078-4F58-89CF-3278CDCB9AF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "580BA1FE-0826-47A7-8BD3-9225E0841EDD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e:*:*:*:*:*:*:*", "matchCriteriaId": "040B04CD-B891-4F19-A7CC-5C2D462FBD6C", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e12:*:*:*:*:*:*:*", "matchCriteriaId": "5BF29685-7FFC-4093-A1D4-21E4871AF5C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(11b\\)e14:*:*:*:*:*:*:*", "matchCriteriaId": "E72872C9-63AF-417F-BFAE-92B4D350C006", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(13\\)e9:*:*:*:*:*:*:*", "matchCriteriaId": "80BCF196-5E5A-4F31-BCE7-AA0C748CA922", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.1\\(19\\)e1:*:*:*:*:*:*:*", "matchCriteriaId": "970939C5-1E6F-47B6-97E6-7B2C1E019985", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy:*:*:*:*:*:*:*", "matchCriteriaId": "CD1F4148-E772-4708-8C1F-D67F969C11DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2\\(14\\)sy1:*:*:*:*:*:*:*", "matchCriteriaId": "3CEBCEF0-5982-4B30-8377-9CAC978A1CB0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2sy:*:*:*:*:*:*:*", "matchCriteriaId": "09458CD7-D430-4957-8506-FAB2A3E2AA65", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:ios:12.2za:*:*:*:*:*:*:*", "matchCriteriaId": "62626BB6-D4EA-4A8A-ABC1-F86B37F19EDB", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:4d:webstar:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8B87C95-4B34-4628-AD03-67D1DE13E097", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "758F95DB-E619-4B08-86FA-6CF2C1B0CBCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F04471C-732F-44EE-AD1B-6305C1DD7DDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "3499913B-5DCD-4115-8C7B-9E8AFF79DE5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E237919A-416B-4039-AAD2-7FAE1F4E100D", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "39149924-188C-40C1-B598-A9CD407C90DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "15D5780C-4E29-4BCA-A47E-29FF6EAF33FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:4d:webstar:5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "E6501108-5455-48FE-AA82-37AFA5D7EC24", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:*:*:lx:*:*:*:*:*", "matchCriteriaId": "C1A3B951-A1F8-4291-82FA-AB7922D13ACE", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:5.1.46:*:*:*:*:*:*:*", "matchCriteriaId": "3F2E7C81-C0F5-4D36-9A23-03BE69295ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3210:*:*:*:*:*:*:*", "matchCriteriaId": "9D0EF4A3-2FE5-41E4-A764-30B379ECF081", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:intuity_audix:s3400:*:*:*:*:*:*:*", "matchCriteriaId": "CCF6D59E-8AEA-4380-B86B-0803B2202F16", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5:*:*:*:*:*:*:*", "matchCriteriaId": "140ABF28-FA39-4D77-AEB2-304962ED48C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5x:*:*:*:*:*:*:*", "matchCriteriaId": "09473DD9-5114-44C5-B56C-6630FBEBCACB", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:100_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A7ECD3A4-5A39-4222-8350-524F11D8FFB0", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:500:*:*:*:*:*:*:*", "matchCriteriaId": "D36C140D-E80C-479A-ADA7-18E901549059", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:2000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "940712E9-B041-4B7F-BD02-7DD0AE596D65", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:5000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "03B887A2-9025-4C5B-8901-71BC63BF5293", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:7500_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "33264586-7160-4550-9FF9-4101D72F5C9B", "vulnerable": true }, { "criteria": "cpe:2.3:a:avaya:vsu:10000_r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "CE5E6521-0611-4473-82AC-21655F10FEC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:*:*:vsx-ng-ai:*:*:*:*:*", "matchCriteriaId": "AA9A50A1-CA8C-4EE5-B68F-4958F6B4B028", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:2.0:*:gx:*:*:*:*:*", "matchCriteriaId": "8C83ABA2-87CD-429B-9800-590F8256B064", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "A4D9A576-2878-4AC4-AC95-E69CB8A84A71", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A0B02-CF33-401F-9AB2-D595E586C795", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:firewall-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "8C0EF3F0-B82E-45B7-8D05-05E76009F7A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "90FB3825-21A6-4DBE-8188-67672DBE01CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "80623E58-8B46-4559-89A4-C329AACF3CB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "AEE6C228-CD93-4636-868B-C19BC1674BE6", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "A645148C-AD0D-46C1-BEE3-10F5C9066279", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:provider-1:4.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "0D69187C-7F46-4FF0-A8A0-0E1989EA79BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp0:*:*:*:*:*:*:*", "matchCriteriaId": "4AE4A7EE-1BA3-46F1-BF4A-A72997EE0992", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp1:*:*:*:*:*:*:*", "matchCriteriaId": "02029D75-FAF2-4842-9246-079C7DE36417", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:next_generation_fp2:*:*:*:*:*:*:*", "matchCriteriaId": "E0146341-364C-4085-A2E1-BC8C260FBA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:checkpoint:vpn-1:vsx_ng_with_application_intelligence:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF01C8-1C8A-4BD1-A13B-CE31F09F9523", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:access_registrar:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8496E0D-2507-4C25-A122-0B846CBCA72A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:application_and_content_networking_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E383F2A-DFCF-47F8-94EE-3563D41EA597", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D2D87EF0-056E-4128-89EB-2803ED83DEE9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css_secure_content_accelerator:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB3163C1-2044-44DA-9C88-076D75FDF1EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:css11000_content_services_switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "07E1B690-C58B-4C08-A757-F3DF451FDAAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:okena_stormwatch:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "31F0E14C-7681-4D1A-B982-A51E450B93A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:threat_response:*:*:*:*:*:*:*:*", "matchCriteriaId": "2CF39E8B-C201-4940-81C9-14AF4C3DD4B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "AC604680-2E9E-4DC4-ACDD-74D552A45BA4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:6.10_b4:*:*:*:*:*:*:*", "matchCriteriaId": "37A94436-D092-4C7E-B87B-63BC621EE82E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "862165CF-3CFB-4C6E-8238-86FA85F243C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.1_0.2.06:*:*:*:*:*:*:*", "matchCriteriaId": "056F3336-BAA8-4A03-90B4-7B31710FC1B3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.2_0.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "9FDC2510-FBB9-429A-B6D4-10AB11F93960", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "5D45127E-A544-40A0-9D34-BD70D95C9772", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webns:7.10_.0.06s:*:*:*:*:*:*:*", "matchCriteriaId": "56C69C3E-C895-45C8-8182-7BB412A0C828", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1FDD507-C38B-4C38-A54F-3DA6F07AD0B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F2B7AC2-CF08-4AC9-9A71-3A8130F9F9AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:dell:bsafe_ssl-j:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4D9564B-B92E-4C97-87FF-B56D62DCA775", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.17:*:*:*:*:*:*:*", "matchCriteriaId": "FF2AD44D-3BE8-4541-B62D-9F01D46F8E6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.5.18:*:*:*:*:*:*:*", "matchCriteriaId": "8BF2E08B-9046-41A1-BEDE-EB0B6436315C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "811E1BE8-3868-49F8-B6E8-D5705559B02E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "D67C9DB4-E46C-4E84-82D9-AF48EFDAEFBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "CF0E1BF0-6629-40DC-AB23-0256BABD0CB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "1AC4E7E5-FCC1-46B0-B69F-F1F6B36838ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C4AED89-F862-4071-8E94-481A59EDAE8E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7A3CB6FF-3840-4E80-A0A4-614D6686D2B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "67010B0B-ECE7-4EE5-B103-05DC637E150F", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1355EF99-35FC-44A7-BC56-F7C0EA49BF0C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6DDA8F10-B059-4403-A790-EFC8822588B2", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A06BCD31-3FB6-468B-9BC9-EA573717B19F", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "360238CC-3BF5-4750-B16D-8A2E0257022E", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "0C55C754-E213-4E79-AA7B-2CAF8A464388", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "647BA524-5A79-408C-BBF2-5780BC522B64", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D599C49D-4D7D-4C44-9D8D-A3F76746BBA8", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B4DC717-0785-4C19-8A33-ACA5F378DF3C", "vulnerable": true }, { "criteria": "cpe:2.3:a:forcepoint:stonegate:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "858843D3-84BB-48B6-80D1-1271AE60150D", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.01.05.08:*:*:*:*:*:*:*", "matchCriteriaId": "B931D4F8-23F5-4ABA-A457-959995D30C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.00:*:*:*:*:*:*:*", "matchCriteriaId": "BE6A023E-9C2A-487F-B5CE-674C766BFE75", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:wbem:a.02.00.01:*:*:*:*:*:*:*", "matchCriteriaId": "6A15ACA2-D500-4260-B51A-6FE6AB5A45A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A7B80E0-40BB-4B4E-9711-AF293A038DD4", "vulnerable": true }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9EFCFFE8-9CAD-4A7F-9751-8627E6297C9F", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D3653856-207E-46A7-92DD-D7F377F1829A", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7E4627BB-0D75-44BC-989F-0E85C9FA0E2B", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "19053434-F9E7-4839-AB5A-B226CC4616A5", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "D04CABBA-7BEB-44EC-A6E4-A31E41A62BD7", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "8D15C938-4DAB-4011-80EE-A2663E20BFC1", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C9C056ED-2492-4B1C-BCB9-4F36806C4A48", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "A72FC232-A2CB-443B-9A4A-8BBFEFE6517C", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:-:*:*:*:*:*:*", "matchCriteriaId": "BA347CD3-0619-4EA2-A736-B59EE9E3AC12", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "4ACEF29C-3225-43A7-9E07-FBCCF555887E", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "46D932AF-FB1A-464D-BA3D-2DC2D3C187CD", "vulnerable": false }, { "criteria": "cpe:2.3:a:litespeedtech:litespeed_web_server:1.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "9F532860-9E26-45C3-9FB3-6B0888F1279A", "vulnerable": false }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A037FAA6-6D26-4496-BC67-03475B4D1155", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D3831DD3-E783-4200-8986-FDBF7DD9BA53", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "2909C9D5-3D8F-4C41-B0E7-A0C0B432C19A", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "E09436DF-E3C1-4C03-A3BE-73C4BC84BB7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:neoteris:instant_virtual_extranet:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "699764B6-0F86-4AB0-86A3-4F2E69AD820C", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "7562ADC4-0D01-4FC2-98F0-1F4041BDA52E", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E6FAB588-BDBE-4A04-AB9E-4F700A3951F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.12a:*:*:*:*:*:*:*", "matchCriteriaId": "E1B83F84-D1EF-43B4-8620-3C1BCCE44553", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.5.27:*:*:*:*:*:*:*", "matchCriteriaId": "41169D2F-4F16-466A-82E9-AD0735472B5B", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "947699C3-D9DE-411A-99C0-44ADD1D2223A", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7:*:*:*:*:*:*:*", "matchCriteriaId": "15F668C0-8420-4401-AB0F-479575596CF0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "CDDCC7B6-34CA-4551-9833-306B93E517BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:edirectory:8.7.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "6D69C160-39F7-48B8-B9A3-CC86690453C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "166BF638-ABDC-4BB9-BD4E-2B22681AD9CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:novell:imanager:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8FA6420B-9F6A-48F4-A445-12B60A320347", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*", "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*", "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*", "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*", "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*", "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*", "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*", "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*", "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*", "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*", "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*", "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*", "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*", "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*", "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A", "vulnerable": true }, { "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*", "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6-15:*:i386:*:*:*:*:*", "matchCriteriaId": "09F3FB7B-0F68-49F3-A3B7-977A687A42E2", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.6b-3:*:i386:*:*:*:*:*", "matchCriteriaId": "088F2FF7-96E5-455E-A35B-D99F9854EC6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386:*:*:*:*:*", "matchCriteriaId": "FFA721BF-1B2E-479F-BF25-02D441BF175B", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "AFEDCE49-21CC-4168-818F-4C638EE3B077", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:openssl:0.9.7a-2:*:i386_perl:*:*:*:*:*", "matchCriteriaId": "B7D18F9B-C0BE-4DE8-81F4-5BF56C00BF41", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8F0F78F4-E81E-4C6B-AB73-D6AAE191060E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:servercluster:2.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A5808-6D5D-48AD-9470-5A6510D17913", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C1E8990D-D9A0-4A71-9D87-EC047E01B0D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:1_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DBCC172-6867-4DFD-AAEF-9BDB4DA21F46", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C2F2BEEA-46BB-4718-B0F3-B4EC62B678A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "8D09E11C-C5BB-409E-BB0D-7F351250419B", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_fullcluster:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "6B06A05D-AA31-441D-9FC2-3558648C3B7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C0886901-6F93-44C1-B774-84D7E5D9554C", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_securitycluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F203A80-7C1E-4A04-8E99-63525E176753", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "CA0A204C-158B-4014-A53C-75E0CD63E0DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:stonesoft:stonebeat_webcluster:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "085BA581-7DA5-4FA4-A888-351281FD0A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "9519BCB2-B401-44CE-97F6-847BB36AE45F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.30:*:*:*:*:*:*:*", "matchCriteriaId": "BBE573E8-DD94-4293-99AE-27B9067B3ED9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tarantella:tarantella_enterprise:3.40:*:*:*:*:*:*:*", "matchCriteriaId": "D14413DA-5199-4282-9E22-D347E9D8E469", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "05CC5F49-0E9E-45D8-827D-A5940566DB25", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.0.1_build_2129:*:*:*:*:*:*:*", "matchCriteriaId": "5D94EE19-6CE9-4E02-8174-D9954CDBF02B", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4E4BEE3-AE7B-4481-B724-2E644E18ACC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:2.5.1_build_5336:*:*:*:*:*:*:*", "matchCriteriaId": "EAAB7052-E0B6-472E-920B-A0F0AEA25D6A", "vulnerable": true }, { "criteria": "cpe:2.3:a:vmware:gsx_server:3.0_build_7592:*:*:*:*:*:*:*", "matchCriteriaId": "8CE38F15-BD42-4171-8670-86AA8169A60C", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "20C0BD87-CE4B-49D2-89BE-EF282C43AD72", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8300:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C3E6C4A8-59F4-43EE-8413-E95289037598", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "FE76357A-27E6-4D85-9AA0-1BB658C41568", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8500:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C56C5FDB-24E2-479D-87CA-164CD28567D3", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AEF6C16F-8EDF-4A24-BFEF-6A304D654EEB", "vulnerable": true }, { "criteria": "cpe:2.3:h:avaya:s8700:r2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D982AE39-BB57-49E7-B5FE-5EF1ADE2F019", "vulnerable": true }, { "criteria": "cpe:2.3:h:bluecoat:proxysg:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B6CFEC9-0F8F-4CD4-ABD1-E6533F910F7F", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:content_services_switch_11500:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF28C435-C036-4507-8E3F-44E722F9974A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4480_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDA957E2-ABF9-49B2-874F-3FC3060CE0B0", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:gss_4490_global_site_selector:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F2CDFE7-6853-4A31-85C0-50C57A8D606A", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:mds_9000:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F2ED90B-DDBA-49DE-AC78-20E7D77C8858", "vulnerable": true }, { "criteria": "cpe:2.3:h:cisco:secure_content_accelerator:10000:*:*:*:*:*:*:*", "matchCriteriaId": "408A9DB0-81EF-4186-B338-44954E67289B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B0C5F92-7E93-4C3F-B22B-E6612A4D3E10", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.01:*:*:*:*:*:*:*", "matchCriteriaId": "2D0DC4B4-9AD9-4AC8-BFA7-A3D209B5D089", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.02:*:*:*:*:*:*:*", "matchCriteriaId": "303362A5-9C3C-4C85-8C97-2AB12CE01BF6", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.03:*:*:*:*:*:*:*", "matchCriteriaId": "FED22DC1-E06B-4511-B920-6DAB792262D8", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.0.04:*:*:*:*:*:*:*", "matchCriteriaId": "4CE44CA7-4BC7-4C2B-948F-2ACABB91528B", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F757B2A7-869F-4702-81EB-466317A79D61", "vulnerable": true }, { "criteria": "cpe:2.3:h:securecomputing:sidewinder:5.2.1.02:*:*:*:*:*:*:*", "matchCriteriaId": "01F6E9A9-6C85-48DA-BC61-55F8EACCB59F", "vulnerable": true }, { "criteria": "cpe:2.3:h:sun:crypto_accelerator_4000:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "64AF1E33-4086-43E2-8F54-DA75A99D4B75", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "53D16F03-A4C7-4497-AB74-499F208FF059", "vulnerable": true }, { "criteria": "cpe:2.3:o:bluecoat:cacheos_ca_sa:4.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "13A33EC1-836B-4C8C-AC18-B5BD4F90E612", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true }, { "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read." }, { "lang": "es", "value": "El c\u00f3digo que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio." } ], "id": "CVE-2004-0112", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-11-23T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" }, { "source": "cve@mitre.org", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000834" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://docs.info.apple.com/article.html?artnum=61798" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List" ], "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://lists.apple.com/mhonarc/security-announce/msg00045.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=107953412903636\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=108403806509920\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://secunia.com/advisories/11139" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200403-03.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57524" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.ciac.org/ciac/bulletins/o-101.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/484726" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:023" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.novell.com/linux/security/advisories/2004_07_openssl.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.openssl.org/news/secadv_20040317.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-121.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "VDB Entry", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9899" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.slackware.org/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.455961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.trustix.org/errata/2004/0012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "http://www.uniras.gov.uk/vuls/2004/224012/index.htm" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory", "US Government Resource" ], "url": "http://www.us-cert.gov/cas/techalerts/TA04-078A.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15508" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1049" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A928" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9580" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:php:php:4.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "63190D9B-7958-4B93-87C6-E7D5A572F6DC", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "7AB2E2E8-81D6-4973-AC0F-AA644EE99DD3", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "4AAF4586-74FF-47C6-864B-656FDF3F33D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "B14EF0C7-61F2-47A4-B7F8-43FF03C62DCA", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "5245F990-B4A7-4ED8-909D-B8137CE79FAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "5652D5B0-68E4-4239-B9B7-599AFCF4C53E", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "57B71BB7-5239-4860-9100-8CABC3992D8C", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "72BD447A-4EED-482C-8F61-48FAD4FCF8BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B3F9DF9D-15E5-4387-ABE3-A7583331A928", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "11579E5C-D7CF-46EE-B015-5F4185C174E7", "vulnerable": true }, { "criteria": "cpe:2.3:a:php:php:4.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "C69CDE21-2FD4-4529-8F02-8709CF5E3D7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "0760FDDB-38D3-4263-9B4D-1AF5E613A4F9", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "AFD4DE58-46C7-4E69-BF36-C5FD768B8248", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "8923EE1A-DD48-4EC8-8698-A33093FD709C", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4:*:*:*:*:*:*:*", "matchCriteriaId": "D24D5FA5-95DD-4ECC-B99A-8CB33156A6D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:apple:mac_os_x_server:10.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "29644501-54BD-45E9-A6C1-618892CD354F", "vulnerable": true }, { "criteria": "cpe:2.3:o:peachtree:peachtree_linux:release_1:*:*:*:*:*:*:*", "matchCriteriaId": "7A208F7F-05FE-4C28-B636-33B029843725", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "111575DE-98A2-4C54-BDE1-CACC74D22B35", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1976D15D-9EE6-4A49-B59F-34F0505FD5BC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "962FC8D7-BE5D-4E7D-9ADC-511681C593BF", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "451453AC-65FF-4E3B-9AC1-2DDB2E2182E4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7716120D-5110-42B0-A574-9AA2AC8D3C32", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB4C8426-CAF2-4366-94C0-1BA1C544FB6F", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "5CC7D746-B98B-4FAF-B816-57222759A344", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "830D48B8-D21D-4D31-99A1-20C231804DBE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C0BBDD2-9FF9-4CB7-BCAF-D4AF15DC2C7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D1C826AA-6E2F-4DAC-A7A2-9F47729B5DA5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "BCC94EF9-5872-402F-B2FC-06331A924BB2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F163E145-09F7-4BE2-9B46-5B6713070BAB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "124E1802-7984-45ED-8A92-393FC20662FD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "C7F08806-9458-439A-8EAE-2553122262ED", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "1B67020A-6942-4478-B501-764147C4970D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AD0FF64-05DF-48C2-9BB5-FD993121FB2E", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "E74E0A28-7C78-4160-8BCF-99605285C0EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*", "matchCriteriaId": "76159C25-0760-47CB-AFCE-28306CDEA830", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "7786607A-362E-4817-A17E-C76D6A1F737D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*", "matchCriteriaId": "8A206E1C-C2EC-4356-8777-B18D7069A4C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*", "matchCriteriaId": "6E2FE291-1142-4627-A497-C0BB0D934A0B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*", "matchCriteriaId": "49BC7C7E-046C-4186-822E-9F3A2AD3577B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9E7D75A-333E-4C63-9593-F64ABA5D1CE3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*", "matchCriteriaId": "2FE69F6F-6B17-4C87-ACA4-A2A1FB47206A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "467A30EB-CB8F-4928-AC8F-F659084A9E2B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "714C1439-AB8E-4A8B-A783-D60E9DDC38D4", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*", "matchCriteriaId": "62CAE5B0-4D46-4A93-A343-C8E9CB574C62", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "819868A7-EB1E-4CA9-8D71-72F194E5EFEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*", "matchCriteriaId": "FB647A8B-ADB9-402B-96E1-45321C75731B", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "0944FD27-736E-4B55-8D96-9F2CA9BB9B05", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*", "matchCriteriaId": "373BB5AC-1F38-4D0A-97DC-08E9654403EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*", "matchCriteriaId": "B5E71DA3-F4A0-46AF-92A2-E691C7A65528", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0519FF7D-363E-4530-9E63-6EA3E88432DC", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*", "matchCriteriaId": "1975A2DD-EB22-4ED3-8719-F78AA7F414B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE3FF4F-646F-4E05-A08A-C9399DEF60F1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "19F606EE-530F-4C06-82DB-52035EE03FA3", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*", "matchCriteriaId": "A0E896D5-0005-4E7E-895D-B202AFCE09A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*", "matchCriteriaId": "5A8B313F-93C7-4558-9571-DE1111487E17", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:*:*:*:*:*:*", "matchCriteriaId": "A7D073E9-E535-4B36-BEF2-8499536E37DA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion." } ], "id": "CVE-2005-1043", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-04-14T04:00:00.000", "references": [ { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026r2=1.118.2.30\u0026ty=u" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-406.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/112-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29\u0026r2=1.118.2.30\u0026ty=u" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2005/Jun/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:072" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-406.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10307" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/112-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "83C48EC3-D0BA-4A5D-93B0-6931CB3587AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB461B6B-B731-4732-AAD0-191BE50189D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "19961880-D38A-4785-A7C5-879A061119BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "831705D2-C4DE-475F-B908-8859064AFB38", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "A4622585-20E2-46E9-B773-74729FF22EEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "E86ADCB6-0940-4CB9-85F1-A7694210FB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "042B6289-D2E2-4369-BB40-EA6EE7025D23", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "C93D7B7E-F5F9-44A2-A87B-4A16634DEDAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "F0A48938-30B8-4403-B08A-177FFCB9054B", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "C9A33AA4-CABF-4B6B-8688-8C1BD36D6649", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "67B81EFD-27C1-411C-AFF3-E5340627E3BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "680934CF-7F9B-41E4-AA03-ECD96F477AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "6F1F3D3E-A6D6-4C1A-8BC6-5579C19A7A45", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "3BCF3AFF-ED4D-40F6-A2DD-04C0A6D3BD64", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "DBCCE368-64E6-4CEC-B068-9B8BA2527289", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "CF5374A4-5194-45FD-895D-B04FDC7E853C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "matchCriteriaId": "4038BC6D-DE51-4F1C-A25C-CD7FC6CE8CF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "338CEFD7-EBC0-43FB-B482-9A3D0834447E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "F5A659C0-2CDA-44EF-9D5F-0A57B3F14E5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "FB12CA01-E0EA-4E84-802F-CC52268D65FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "9704EC6E-7219-41FC-BE00-CD91A246C61E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "2B93B95E-F295-468C-A6A2-5AA6DE729E52", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash)." } ], "id": "CVE-2004-1139", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13468/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11943" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18484" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13468/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11943" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18484" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11319" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", "matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", "matchCriteriaId": "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", "matchCriteriaId": "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", "matchCriteriaId": "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", "matchCriteriaId": "D1163535-583A-4504-BE7B-8919143CDF9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "766053F7-A174-4716-BF49-76B50FC79FD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7D2623F-167A-4976-B757-DAC4CCFAFE64", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAEC4477-D040-450E-A850-8B03C937A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "2848AA51-9AF1-448D-955F-50B5203F7229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B66BE64-E340-4777-B877-483FEAA66988", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "46B96764-9241-4586-9FA5-77D8D8EBE3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code." }, { "lang": "es", "value": "Vulnerabilidad de doble liberaci\u00f3n en la cadena error_prog_name en CVS 1.12.x a 1.12.8, y 1.11.x a 1.11.16, puede permitir a atacantes remotos ejecutar c\u00f3digo arbitrario." } ], "id": "CVE-2004-0416", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", "matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", "matchCriteriaId": "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", "matchCriteriaId": "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", "matchCriteriaId": "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", "matchCriteriaId": "D1163535-583A-4504-BE7B-8919143CDF9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "766053F7-A174-4716-BF49-76B50FC79FD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7D2623F-167A-4976-B757-DAC4CCFAFE64", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAEC4477-D040-450E-A850-8B03C937A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "2848AA51-9AF1-448D-955F-50B5203F7229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B66BE64-E340-4777-B877-483FEAA66988", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "46B96764-9241-4586-9FA5-77D8D8EBE3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution." }, { "lang": "es", "value": "CVS 1.12.z a 1.12.8, y 1.11.x a 1.11.16, no maneja adecuadamente l\u00edneas \"Entry\" malformadas, lo que impide que un terminador NULL sea usado y puede conducir a una denegaci\u00f3n de servicio (ca\u00edda), modificaci\u00f3n de datos de programa cr\u00edticos, o ejecuci\u00f3n de c\u00f3digo arbitrario." } ], "id": "CVE-2004-0414", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-517" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10575" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A993" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", "matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", "matchCriteriaId": "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", "matchCriteriaId": "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", "matchCriteriaId": "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", "matchCriteriaId": "D1163535-583A-4504-BE7B-8919143CDF9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "766053F7-A174-4716-BF49-76B50FC79FD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7D2623F-167A-4976-B757-DAC4CCFAFE64", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAEC4477-D040-450E-A850-8B03C937A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "2848AA51-9AF1-448D-955F-50B5203F7229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B66BE64-E340-4777-B877-483FEAA66988", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "46B96764-9241-4586-9FA5-77D8D8EBE3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data." }, { "lang": "es", "value": "serve_notify en CVS 1.12.x a 1.12.8 y 1.11.x a 1.11.16 no maneja adecuadamente l\u00edneas de datos vac\u00edas, lo que puede permitir a atacantes remotos realizar una escritura \"fuera de l\u00edmites\" en un solo byte para ejecutar c\u00f3digo arbitrario o modificar datos cr\u00edticos del programa." } ], "id": "CVE-2004-0418", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11242" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*", "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F", "vulnerable": true }, { "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*", "matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*", "matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*", "matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*", "matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*", "matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*", "matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*", "matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*", "matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*", "matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*", "matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*", "matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*", "matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*", "matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*", "matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*", "matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*", "matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*", "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*", "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*", "matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*", "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*", "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*", "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C", "vulnerable": true }, { "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*", "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*", "matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5", "vulnerable": true }, { "criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*", "matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*", "matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*", "matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33", "vulnerable": true }, { "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*", "matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3", "vulnerable": true }, { "criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) \"..\" (punto punto) o (2) rutas absolutas con barra inicial doble (\"//ruta/absoluta\")." } ], "id": "CVE-2004-0235", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-515" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10243" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-515" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10243" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
apache | http_server | 1.3.26 | |
apache | http_server | 1.3.27 | |
apache | http_server | 1.3.28 | |
apache | http_server | 1.3.29 | |
apache | http_server | 1.3.31 | |
hp | virtualvault | 11.0.4 | |
hp | webproxy | 2.0 | |
hp | webproxy | 2.1 | |
ibm | http_server | 1.3.26 | |
ibm | http_server | 1.3.26.1 | |
ibm | http_server | 1.3.26.2 | |
ibm | http_server | 1.3.28 | |
sgi | propack | 2.4 | |
hp | vvos | 11.04 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:apache:http_server:1.3.26:*:*:*:*:*:*:*", "matchCriteriaId": "E130104B-86F5-411E-8AC0-9B4B780BCA00", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:http_server:1.3.27:*:*:*:*:*:*:*", "matchCriteriaId": "0E62E621-74DA-4D99-A79C-AD2B85896A2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:http_server:1.3.28:*:*:*:*:*:*:*", "matchCriteriaId": "2C577188-BD56-4571-A61A-1684DC9E9DD9", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:http_server:1.3.29:*:*:*:*:*:*:*", "matchCriteriaId": "5B3A4CD9-1E96-4D3B-938D-F2D15855B0DD", "vulnerable": true }, { "criteria": "cpe:2.3:a:apache:http_server:1.3.31:*:*:*:*:*:*:*", "matchCriteriaId": "4058CE14-1CC8-42FD-A6BD-6869C1610E57", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:virtualvault:11.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "5B8853E4-FEA2-4760-8734-5110D785F3F3", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:webproxy:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5FFE6E5A-6D37-494F-B9E5-37116DDC120A", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:webproxy:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8BA3FB4-63B7-4B3E-A2EA-137B93D076DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:http_server:1.3.26:*:*:*:*:*:*:*", "matchCriteriaId": "9F43768E-F635-4A5E-892E-F8A732AC9F96", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:http_server:1.3.26.1:*:*:*:*:*:*:*", "matchCriteriaId": "BCE51E2D-29DA-41D8-824A-05FD4D208ABB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:http_server:1.3.26.2:*:*:*:*:*:*:*", "matchCriteriaId": "7581135B-5A4C-48DA-8FCC-A06FB0C22072", "vulnerable": true }, { "criteria": "cpe:2.3:a:ibm:http_server:1.3.28:*:*:*:*:*:*:*", "matchCriteriaId": "B4ED546C-D170-475B-9BB5-F23EAAD8B035", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data to be copied." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en el mont\u00f3n en proxy_util.c de mod_proxy en Apache 1.3.25 a 1.3.31 permite a atacantes remotos causar un denegaci\u00f3n de servicio (ca\u00edda del proceso) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n mediante un campo de cabecera HTTP Content-Length negativo, lo que causa que una gran cantidad de datos sean copiados." } ], "id": "CVE-2004-0492", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "source": "cve@mitre.org", "url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11841" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-525" }, { "source": "cve@mitre.org", "url": "http://www.guninski.com/modproxy1.html" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/541310" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065" }, { "source": "cve@mitre.org", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108711172710140\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=130497311408250\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/lists/fulldisclosure/2004/Jun/0296.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101555-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57628-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-525" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.guninski.com/modproxy1.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/541310" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:065" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1737" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r734a07156abf332d5ab27fb91d9d962cacfef4f3681e44056f064fa8%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100112" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4863" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Fixed in Apache HTTP Server 1.3.32:\nhttp://httpd.apache.org/security/vulnerabilities_13.html", "lastModified": "2008-07-02T00:00:00", "organization": "Apache" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9:*:*:*:*:*:*:*", "matchCriteriaId": "83C48EC3-D0BA-4A5D-93B0-6931CB3587AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CB461B6B-B731-4732-AAD0-191BE50189D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "19961880-D38A-4785-A7C5-879A061119BE", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "831705D2-C4DE-475F-B908-8859064AFB38", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "A4622585-20E2-46E9-B773-74729FF22EEB", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "E86ADCB6-0940-4CB9-85F1-A7694210FB66", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "042B6289-D2E2-4369-BB40-EA6EE7025D23", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "C93D7B7E-F5F9-44A2-A87B-4A16634DEDAD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "F0A48938-30B8-4403-B08A-177FFCB9054B", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "C9A33AA4-CABF-4B6B-8688-8C1BD36D6649", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "67B81EFD-27C1-411C-AFF3-E5340627E3BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "680934CF-7F9B-41E4-AA03-ECD96F477AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "6F1F3D3E-A6D6-4C1A-8BC6-5579C19A7A45", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "3BCF3AFF-ED4D-40F6-A2DD-04C0A6D3BD64", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.14:*:*:*:*:*:*:*", "matchCriteriaId": "DBCCE368-64E6-4CEC-B068-9B8BA2527289", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.15:*:*:*:*:*:*:*", "matchCriteriaId": "CF5374A4-5194-45FD-895D-B04FDC7E853C", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.9.16:*:*:*:*:*:*:*", "matchCriteriaId": "4038BC6D-DE51-4F1C-A25C-CD7FC6CE8CF6", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10:*:*:*:*:*:*:*", "matchCriteriaId": "338CEFD7-EBC0-43FB-B482-9A3D0834447E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.4:*:*:*:*:*:*:*", "matchCriteriaId": "F5A659C0-2CDA-44EF-9D5F-0A57B3F14E5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.5:*:*:*:*:*:*:*", "matchCriteriaId": "FB12CA01-E0EA-4E84-802F-CC52268D65FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.6:*:*:*:*:*:*:*", "matchCriteriaId": "9704EC6E-7219-41FC-BE00-CD91A246C61E", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "2B93B95E-F295-468C-A6A2-5AA6DE729E52", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4007B0D-9606-46BD-866A-7911BEA292BE", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:compact:*:*:*:*:*", "matchCriteriaId": "64BE98C2-8EFA-4349-9FE2-D62CA63A16C4", "vulnerable": true }, { "criteria": "cpe:2.3:o:altlinux:alt_linux:2.3:*:junior:*:*:*:*:*", "matchCriteriaId": "7D0AC3A3-A37C-4053-B05F-A031877AC811", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "28CD54FE-D682-4063-B7C3-8B29B26B39AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.0:*:i386:*:*:*:*:*", "matchCriteriaId": "37F124FE-15F1-49D7-9E03-8E036CE1A20C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F8C55338-3372-413F-82E3-E1B476D6F41A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "1EFB33BF-F6A5-48C1-AEB5-194FCBCFC958", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "FB0E2D3B-B50A-46C2-BA1E-3E014DE91954", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "CFABFCE5-4F86-4AE8-9849-BC360AC72098", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet." } ], "id": "CVE-2004-1142", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-12-15T05:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13468/" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-613" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11943" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18488" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/13468/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.ciac.org/ciac/bulletins/p-061.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-613" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory", "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00016.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200412-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:152" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-037.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/11943" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18488" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11278" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22:*:*:*:*:*:*:*", "matchCriteriaId": "B1512A96-B8E7-4DB7-A4CB-8FD3773BFC97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.22_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "787B918D-9CCC-44FE-92AF-E8DF1E91A3C7", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23:*:*:*:*:*:*:*", "matchCriteriaId": "C116493B-2837-4531-9291-A9FF03099A97", "vulnerable": true }, { "criteria": "cpe:2.3:a:easy_software_products:cups:1.1.23_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "525BD04B-387F-4713-BC89-472D0D0BCFD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BF92649-90CE-4E75-A938-61D0916B5A7E", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CA505B4-0C17-49C8-9533-CA8CE3AA77D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "37C08E0A-651F-458B-BCEC-A30DCD527E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "6000D6AF-C056-4BC0-A54C-72E23E52AB92", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:koffice:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "A7D036E4-FA49-417D-968B-9D73B16A09BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "EDAF6452-F3B0-4F62-893E-BCFA6AB7AE3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kpdf:3.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2AB9CB-DEAB-45AB-A7CA-D19E069907EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:kde:kword:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "EAC32BAA-99B3-4B40-83A3-ED9E1B12B295", "vulnerable": true }, { "criteria": "cpe:2.3:a:libextractor:libextractor:*:*:*:*:*:*:*:*", "matchCriteriaId": "679D9520-DE8E-4D06-A227-3B1C1D05977D", "vulnerable": true }, { "criteria": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "63C92F1C-3005-4EA6-B9C0-2BC2E3D611D6", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "EF8ABD90-AD2B-4FA0-A355-9D7CD6D3C486", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "C86C7D6F-C39E-4403-86C6-F87599570E97", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "236005A1-C175-44D3-8D0C-C48F943F3D66", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AF2AD80-5E65-4B57-933B-C395E98EF10D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "07C92A0E-1DDA-4F83-A904-24A35C38883A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tetex:tetex:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9178B36F-41D5-4AE7-B9C8-56BDEADE76EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xpdf:xpdf:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B93B3ED-AF82-49A9-8C7F-E5F652F19669", "vulnerable": true }, { "criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2CAE037F-111C-4A76-8FFE-716B74D65EF3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*", "matchCriteriaId": "A6B060E4-B5A6-4469-828E-211C52542547", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*", "matchCriteriaId": "974C3541-990C-4CD4-A05A-38FA74A84632", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*", "matchCriteriaId": "6CBF1E0F-C7F3-4F83-9E60-6E63FA7D2775", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*", "matchCriteriaId": "58792F77-B06F-4780-BA25-FE1EE6C3FDD9", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*", "matchCriteriaId": "C9419322-572F-4BB6-8416-C5E96541CF33", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*", "matchCriteriaId": "BFC50555-C084-46A3-9C9F-949C5E3BB448", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*", "matchCriteriaId": "9C25D6E1-D283-4CEA-B47B-60C47A5C0797", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*", "matchCriteriaId": "AD18A446-C634-417E-86AC-B19B6DDDC856", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*", "matchCriteriaId": "E4BB852E-61B2-4842-989F-C6C0C901A8D7", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*", "matchCriteriaId": "24DD9D59-E2A2-4116-A887-39E8CC2004FC", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*", "matchCriteriaId": "F28D7457-607E-4E0C-909A-413F91CFCD82", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*", "matchCriteriaId": "5BF84240-1881-4EFB-BB2F-F9CE8AD09C7B", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*", "matchCriteriaId": "AF8AE8C4-810F-41AB-A251-5A2D4DD6884D", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:arm:*:*:*:*:*", "matchCriteriaId": "5EACF214-FA27-44FF-A431-927AB79377A1", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*", "matchCriteriaId": "E2B58895-0E2A-4466-9CB2-0083349A83B2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*", "matchCriteriaId": "03F8220A-9B1C-40AA-AEAB-F9A93225FBD5", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*", "matchCriteriaId": "2311919C-7864-469D-B0F6-9B11D8D0A1C3", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*", "matchCriteriaId": "19876495-4C1A-487C-955A-C5AA46362A1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mips:*:*:*:*:*", "matchCriteriaId": "D75286DD-50BC-4B72-8AC8-E20730124DC2", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*", "matchCriteriaId": "1998C972-497E-4916-B50E-FB32303EEA8E", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "A6CD3DD9-3A8A-4716-A2D1-136A790AFF94", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*", "matchCriteriaId": "6CE2020A-4FB2-4FCD-8561-7BD147CD95EB", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*", "matchCriteriaId": "08E90AFA-C262-46D0-B60E-26B67C9602D5", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:*", "matchCriteriaId": "0315FB43-D199-4734-B724-50ED031C0020", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "11D69B83-4EF3-407B-8E8C-DE623F099C17", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.2:*:x86-64:*:*:*:*:*", "matchCriteriaId": "7D221688-18A0-453D-8D13-6B68011FCA13", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*", "matchCriteriaId": "597094EC-D23F-4EC4-A140-96F287679124", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:*", "matchCriteriaId": "C4FCF0D3-A6CB-448E-B0D3-DA82BE02DEC8", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0F0D201-B1DC-4024-AF77-A284673618F3", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "052E3862-BFB7-42E7-889D-8590AFA8EF37", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF", "vulnerable": true }, { "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server_ia64:*:*:*:*:*", "matchCriteriaId": "A4A9461E-C117-42EC-9F14-DF2A82BA7C5D", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server_ia64:*:*:*:*:*", "matchCriteriaId": "409E324A-C040-494F-A026-9DCAE01C07F8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation_ia64:*:*:*:*:*", "matchCriteriaId": "6474B775-C893-491F-A074-802AFB1FEDD8", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "78B46FFA-5B09-473E-AD33-3DB18BD0DAFE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "EC79FF22-2664-4C40-B0B3-6D23B5F45162", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation_server:*:*:*:*:*", "matchCriteriaId": "0EFE2E73-9536-41A9-B83B-0A06B54857F4", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "F9440B25-D206-4914-9557-B5F030890DEC", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E9933557-3BCA-4D92-AD4F-27758A0D3347", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:*:workstation:*:*:*:*:*", "matchCriteriaId": "10A60552-15A5-4E95-B3CE-99A4B26260C1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF3BBBC3-3EF9-4E24-9DE2-627E172A5473", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "7D74A418-50F0-42C0-ABBC-BBBE718FF025", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*", "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E6996B14-925B-46B8-982F-3545328B506B", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC80CF67-C51D-442C-9526-CFEDE84A6304", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:fedora_core:core_4.0:*:*:*:*:*:*:*", "matchCriteriaId": "C720DACC-CF4B-4A00-818C-8303A7D7DED6", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*", "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux:9.0:*:i386:*:*:*:*:*", "matchCriteriaId": "F3FDE8C4-5FFD-4CC2-9F35-7C32043966D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "84A50ED3-FD0D-4038-B3E7-CC65D166C968", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:*", "matchCriteriaId": "8DBD9D3C-40AB-449D-A9A8-A09DF2DEDB96", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D9D76A8D-832B-411E-A458-186733C66010", "vulnerable": true }, { "criteria": "cpe:2.3:o:sco:openserver:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7458BA31-812E-40C9-BB92-8688A3BCBA56", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D29C5A03-A7C9-4780-BB63-CF1E874D018D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "B85EF0EE-3E61-4CA3-9F00-610AB2E1CFCF", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "70440F49-AEE9-41BE-8E1A-43AB657C8E09", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "02EE2D72-B1E6-4380-80B0-E40A23DDD115", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "F7446746-87B7-4BD3-AABF-1E0FAA8265AB", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:personal:*:*:*:*:*", "matchCriteriaId": "F239BA8A-6B41-4B08-8C7C-25D235812C50", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:professional:*:*:*:*:*", "matchCriteriaId": "89BA858B-9466-4640-84AE-DC5BDC65D6B8", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:s_390:*:*:*:*:*", "matchCriteriaId": "85F2D904-E830-4034-9CCB-0FF65019622C", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*", "matchCriteriaId": "56EF103F-5668-4754-A83B-D3662D0CE815", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "3EA56868-ACA1-4C65-9FFB-A68129D2428A", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:professional:*:*:*:*:*", "matchCriteriaId": "1BA2E629-58C6-4BA0-A447-F8F570B35E74", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "D5F98B9A-880E-45F0-8C16-12B22970F0D1", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:personal:*:*:*:*:*", "matchCriteriaId": "3BEE15E9-9194-4E37-AB3B-66ECD5AC9E11", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:professional:*:*:*:*:*", "matchCriteriaId": "C89BA3B6-370B-4911-A363-935A9C9EACF5", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:x86_64:*:*:*:*:*", "matchCriteriaId": "B905C6E9-5058-4FD7-95B6-CD6AB6B2F516", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:personal:*:*:*:*:*", "matchCriteriaId": "4F1B4D15-0562-44D6-B80B-35A8F432BD41", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:professional:*:*:*:*:*", "matchCriteriaId": "D84ABF78-0D85-4E15-907E-B5ACE86EB8C7", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:9.3:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9C7018E7-F90C-435D-A07A-05A294EA2827", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:oss:*:*:*:*:*", "matchCriteriaId": "16915004-1006-41D6-9E42-D1A5041E442D", "vulnerable": true }, { "criteria": "cpe:2.3:o:suse:suse_linux:10.0:*:professional:*:*:*:*:*", "matchCriteriaId": "994ABCE2-3B9E-4E4E-83F7-CE2A79C70F64", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "53AF1A2D-B0A2-4097-AD1D-DF3AF27171BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB70F82-52BB-4D0D-9A24-9AF67278466D", "vulnerable": true }, { "criteria": "cpe:2.3:o:trustix:secure_linux:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "100A2456-BF20-4461-8DC9-C61889322B29", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:10:*:*:*:*:*:*:*", "matchCriteriaId": "1C7D4F57-E186-497A-B390-92E5D2C7E894", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux:fuji:*:*:*:*:*:*:*", "matchCriteriaId": "CEC3F6F3-9A6E-4A98-A967-6776C872475C", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_hosting_edition:*:*:*:*:*:*:*", "matchCriteriaId": "FC3218DD-A565-4AB8-86FE-E7F59AC0535F", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_appliance_server:1.0_workgroup_edition:*:*:*:*:*:*:*", "matchCriteriaId": "97AEDB57-202F-4B53-8815-21836F177060", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_desktop:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "31C3FFDD-03BF-4FD4-B7A7-B62AFD5DBA19", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_home:*:*:*:*:*:*:*:*", "matchCriteriaId": "065FF0F1-7FAC-4584-92EA-EAA87DC76FA1", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_multimedia:*:*:*:*:*:*:*:*", "matchCriteriaId": "E27180A1-9767-4CD3-978C-7538155B162D", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAAA9376-A060-49AE-86A7-6B28E26ED5D9", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E06DCF0D-3241-453A-A0E4-937FE25EC404", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B484D091-62DE-4EF2-AC54-26896CA8B315", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_server:10.0_x86:*:*:*:*:*:*:*", "matchCriteriaId": "EC5AC26E-3F3F-4D14-BE65-82B4432AB382", "vulnerable": true }, { "criteria": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "9428589A-0BD2-469E-978D-38239117D972", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ia64:*:*:*:*:*", "matchCriteriaId": "6E94583A-5184-462E-9FC4-57B35DA06DA7", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:4.1:*:ppc:*:*:*:*:*", "matchCriteriaId": "E905FAAD-37B6-4DD0-A752-2974F8336273", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:amd64:*:*:*:*:*", "matchCriteriaId": "3BD12488-1ED8-4751-ABF5-3578D54750A8", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:i386:*:*:*:*:*", "matchCriteriaId": "AE3733CF-4C88-443C-9B90-6477C9C500D0", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.04:*:powerpc:*:*:*:*:*", "matchCriteriaId": "9C500A75-D75E-45B4-B582-0F0DF27C3C04", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:amd64:*:*:*:*:*", "matchCriteriaId": "86FD134D-A5C5-4B08-962D-70CF07C74923", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:i386:*:*:*:*:*", "matchCriteriaId": "FA84692E-F99D-4207-B4F2-799A6ADB88AD", "vulnerable": true }, { "criteria": "cpe:2.3:o:ubuntu:ubuntu_linux:5.10:*:powerpc:*:*:*:*:*", "matchCriteriaId": "8B0F1091-4B76-44F5-B896-6D37E2F909A2", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference." } ], "id": "CVE-2005-3626", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2005-12-31T05:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "secalert@redhat.com", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "secalert@redhat.com", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18147" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18373" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18380" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18414" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18425" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18428" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18436" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18463" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18908" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/18913" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19230" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19377" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/25729" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "secalert@redhat.com", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "secalert@redhat.com", "url": "https://usn.ubuntu.com/236-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2006-0177.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://scary.beasts.org/security/CESA-2005-003.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18147" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18303" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18312" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18313" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18329" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18332" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18334" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18335" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18338" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18349" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18373" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18375" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18380" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18385" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18387" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18389" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18398" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18407" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18414" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18416" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18423" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18428" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18436" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18448" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18517" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18534" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18554" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/18582" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18642" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18674" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18675" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/18679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18913" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19230" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19377" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25729" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.472683" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.474747" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-931" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-932" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-938" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2005/dsa-940" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-936" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-950" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2006/dsa-961" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-962" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-02.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200601-17.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.kde.org/info/security/advisory-20051207-2.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:003" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:005" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:006" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:008" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:010" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:011" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00010.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00011.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00030.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-January/msg00031.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0160.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0163.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427053/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/427990/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/16143" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0002/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/0047" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/2280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24026" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9992" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/236-1/" } ], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [ { "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.", "lastModified": "2007-03-14T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-399" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
metamail_corporation | metamail | * | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | enterprise_linux | 2.1 | |
redhat | linux_advanced_workstation | 2.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:metamail_corporation:metamail:*:*:*:*:*:*:*:*", "matchCriteriaId": "62602141-B1CA-484C-97CC-4E85F34EC8C1", "versionEndIncluding": "2.7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*", "matchCriteriaId": "2641EE56-6F9D-400B-B456-877F4DA79B10", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "E0B458EA-495E-40FA-9379-C03757F7B1EE", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*", "matchCriteriaId": "1728AB5D-55A9-46B0-A412-6F7263CAEB5A", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*", "matchCriteriaId": "777F9EC0-2919-45CA-BFF8-78A02537C513", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de cadena de formato en Metamail 2.7 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo arbitrario." } ], "id": "CVE-2004-0104", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-03-03T05:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/10908" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2004/dsa-449" }, { "source": "cve@mitre.org", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/518518" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9692" }, { "source": "cve@mitre.org", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=107713476911429\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/10908" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-083.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2004/dsa-449" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "US Government Resource" ], "url": "http://www.kb.cert.org/vuls/id/518518" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:014" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-073.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/9692" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.404734" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15245" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15259" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
ethereal_group | ethereal | 0.10.1 | |
ethereal_group | ethereal | 0.10.2 | |
ethereal_group | ethereal | 0.10.3 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "136FF83B-2B03-4E5F-95C1-84195BE8392A", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "898E6919-542F-4A31-8CC0-C3C4CE0F9FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:ethereal_group:ethereal:0.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "350ABD20-6BB8-4EDB-9DD1-6D1802D892A7", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference." }, { "lang": "es", "value": "El diseccionador de SPNEGO en Ethereal 0.9.8 a 0.10.3 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante vectores de ataque desconocidos que causan una desreferencia de puntero nulo." } ], "id": "CVE-2004-0506", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11608" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11776" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/11836" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1010158" }, { "source": "cve@mitre.org", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "cve@mitre.org", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16151" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9695" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A987" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000916" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11776" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/11836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-01.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1010158" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/o-150.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "URL Repurposed" ], "url": "http://www.ethereal.com/appnotes/enpa-sa-00014.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.redhat.com/support/errata/RHSA-2004-234.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10347" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16151" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9695" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A987" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
sgi | propack | 3.0 | |
linux | linux_kernel | 2.4.22 | |
linux | linux_kernel | 2.4.23 | |
linux | linux_kernel | 2.4.23 | |
linux | linux_kernel | 2.4.23_ow2 | |
linux | linux_kernel | 2.4.24 | |
linux | linux_kernel | 2.4.24_ow1 | |
linux | linux_kernel | 2.4.25 | |
linux | linux_kernel | 2.6.1 | |
linux | linux_kernel | 2.6.1 | |
linux | linux_kernel | 2.6.1 | |
linux | linux_kernel | 2.6.2 | |
linux | linux_kernel | 2.6.3 | |
slackware | slackware_linux | 9.1 | |
slackware | slackware_linux | current |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9336ABDF-9928-49F6-BAA7-D6E9829F9B1F", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "BB45C3B2-0F5D-4AE2-AE00-E1D6501E8D92", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23:pre9:*:*:*:*:*:*", "matchCriteriaId": "8D27D843-2DA7-4481-857C-09FDC4FBD45C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.23_ow2:*:*:*:*:*:*:*", "matchCriteriaId": "BCB93128-2743-4668-8C48-9B7282D4A672", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "040991B8-FB4B-480B-B53B-AA7A884F9F19", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.24_ow1:*:*:*:*:*:*:*", "matchCriteriaId": "BFA592BC-5846-4FC1-B2A7-13E622705DA8", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "59688C40-C92F-431E-ADD7-6782622862D3", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E8220D81-9065-471F-9256-CFE7B9941555", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "D2A55C17-C530-4898-BC95-DE4D495F0D7C", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "2C14A949-E2B8-4100-8ED4-645CB996B08A", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB445E3E-CCBD-4737-BE30-841B9A79D558", "vulnerable": true }, { "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F5301E27-8021-467C-A9A2-AF2137EF0299", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:current:*:*:*:*:*:*:*", "matchCriteriaId": "B1CB2DD9-E77F-46EE-A145-F87AD10EA8E4", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option." }, { "lang": "es", "value": "Desbordamiento de enteros en la funci\u00f3n ip_setsockopt en el kernel de Linux 2.4.22 a 2.4.25 y 2.6.1 a 2.6.3 permite a usuarios locales causar una denegaci\u00f3n de servicio (ca\u00edda) o ejecutar c\u00f3digo arbitrario mediante la opci\u00f3n de socket MCAST_MSFILTER." } ], "id": "CVE-2004-0424", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-07-07T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-183.html" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10179" }, { "source": "cve@mitre.org", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040504-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000852" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108253171301153\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.linuxsecurity.com/advisories/engarde_advisory-4285.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:037" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_10_kernel.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-183.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/10179" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2004\u0026m=slackware-security.659586" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15907" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11214" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A939" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
open_webmail | open_webmail | 2.30 | |
open_webmail | open_webmail | 2.31 | |
open_webmail | open_webmail | 2.32 | |
sgi | propack | 3.0 | |
squirrelmail | squirrelmail | 1.2.0 | |
squirrelmail | squirrelmail | 1.2.1 | |
squirrelmail | squirrelmail | 1.2.2 | |
squirrelmail | squirrelmail | 1.2.3 | |
squirrelmail | squirrelmail | 1.2.4 | |
squirrelmail | squirrelmail | 1.2.5 | |
squirrelmail | squirrelmail | 1.2.6 | |
squirrelmail | squirrelmail | 1.2.7 | |
squirrelmail | squirrelmail | 1.2.8 | |
squirrelmail | squirrelmail | 1.2.9 | |
squirrelmail | squirrelmail | 1.2.10 | |
squirrelmail | squirrelmail | 1.2.11 | |
squirrelmail | squirrelmail | 1.4 | |
squirrelmail | squirrelmail | 1.4.1 | |
squirrelmail | squirrelmail | 1.4.2 | |
squirrelmail | squirrelmail | 1.4.3_rc1 | |
squirrelmail | squirrelmail | 1.5_dev |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.30:*:*:*:*:*:*:*", "matchCriteriaId": "9FCF6241-3F7C-4867-8D2E-CCA1BEFCA9D8", "vulnerable": true }, { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.31:*:*:*:*:*:*:*", "matchCriteriaId": "EC478ABF-19F8-4195-AA37-23668E2474EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:open_webmail:open_webmail:2.32:*:*:*:*:*:*:*", "matchCriteriaId": "E3A87C77-5F6E-497D-A6A0-7D68D5E27E33", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "A55A98B3-34ED-4A90-BB78-50CB56B1B51F", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "CC5143ED-D4C5-4830-9C96-0B54D03679CB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "9B765AEC-09E9-456C-8B57-09927E55D119", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "0AAFC3B0-DCE3-4190-B279-E095C666FA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9291A565-0BD6-4B5E-B45F-9DE65AB8159D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "B6F53A84-FC66-4963-A728-7285F63D4761", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "69A941FF-423E-49C5-AE1F-FE7ED016CA3D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "B34FDB1D-881B-4343-A76E-F23B93A0469A", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "1E4DCB20-2A7F-4EE4-BAFA-AD74CD4456AB", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "052914F8-B52C-4AB4-8F85-68D788B588C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "617C554F-8E7D-4F8A-AF63-C193934C8215", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "15F11950-A2E4-4F57-BF87-57788B841A21", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "026730B8-3919-4100-8607-C640ADBDD662", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222", "vulnerable": true }, { "criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.5_dev:*:*:*:*:*:*:*", "matchCriteriaId": "49EA7F58-14C6-4860-B276-46C9FCF91B2E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php." }, { "lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en mime.php de SquirrelMail anteriores a 1.4.3 permite a atacantes remotos insertar HTML y script de su elecci\u00f3n mediante la cabecera de correo Content-Type, como se ha demostrado usando read_body.php." } ], "id": "CVE-2004-0520", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11870" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/12289" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "cve@mitre.org", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10439" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000858" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108611554415078\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=squirrelmail-cvs\u0026m=108532891231712" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2004-240.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/11870" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/12289" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200406-08.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/advisories/6827" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Patch" ], "url": "http://www.securityfocus.com/bid/10439" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1733" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1012" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10766" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
cvs | cvs | 1.10.7 | |
cvs | cvs | 1.10.8 | |
cvs | cvs | 1.11 | |
cvs | cvs | 1.11.1 | |
cvs | cvs | 1.11.1_p1 | |
cvs | cvs | 1.11.2 | |
cvs | cvs | 1.11.3 | |
cvs | cvs | 1.11.4 | |
cvs | cvs | 1.11.5 | |
cvs | cvs | 1.11.6 | |
cvs | cvs | 1.11.10 | |
cvs | cvs | 1.11.11 | |
cvs | cvs | 1.11.14 | |
cvs | cvs | 1.11.15 | |
cvs | cvs | 1.11.16 | |
cvs | cvs | 1.12.1 | |
cvs | cvs | 1.12.2 | |
cvs | cvs | 1.12.5 | |
cvs | cvs | 1.12.7 | |
cvs | cvs | 1.12.8 | |
openpkg | openpkg | * | |
openpkg | openpkg | 1.3 | |
openpkg | openpkg | 2.0 | |
sgi | propack | 2.4 | |
sgi | propack | 3.0 | |
gentoo | linux | 1.4 | |
openbsd | openbsd | * | |
openbsd | openbsd | 3.4 | |
openbsd | openbsd | 3.5 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*", "matchCriteriaId": "C9F7CA6E-7D45-46C9-A437-0D0C4D3F25CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*", "matchCriteriaId": "62135DD0-140D-42C2-9302-31B5E2DE1A4A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "matchCriteriaId": "D92B456C-5F8E-4DC2-940C-AE06B42DD3A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "37B53C85-AA0E-40DD-B477-058586197714", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*", "matchCriteriaId": "D1D1234F-1BB0-432B-B7B7-A97E3ADD5561", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D472B97-F7C2-4973-9D71-AB3CF1F8774D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D0DCF26-59A8-46AC-99D7-97C203A0D702", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "B31BAACA-7518-48D2-ADEE-F59F4569D3BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "9D2748A8-5047-4338-A08E-986497AE4B1C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "525C4E91-2186-4D3A-9DF0-1C6A75A3F919", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*", "matchCriteriaId": "EB231E7F-1A6F-4A79-8ED2-F6CAD311A5A6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*", "matchCriteriaId": "FF7105E4-25F8-4AE3-9EDD-D44BF3E17145", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*", "matchCriteriaId": "7C22BAF3-7B9C-4B2E-B5C6-1F37B896C301", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFFAE96-873A-4253-BCC7-1049DA81D9CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*", "matchCriteriaId": "D1163535-583A-4504-BE7B-8919143CDF9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "766053F7-A174-4716-BF49-76B50FC79FD8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "C7D2623F-167A-4976-B757-DAC4CCFAFE64", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "FAEC4477-D040-450E-A850-8B03C937A600", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "2848AA51-9AF1-448D-955F-50B5203F7229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B66BE64-E340-4777-B877-483FEAA66988", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*", "matchCriteriaId": "F74941A0-97CA-44D4-B55B-9224F051D40F", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "46B96764-9241-4586-9FA5-77D8D8EBE3BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "48A4B336-2D5B-4D9B-AA87-E5266FED05BD", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*", "matchCriteriaId": "CA3CDD3C-DBA6-4BA2-967D-AD746822F3CF", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "9496279F-AB43-4B53-81A6-87C651ABC4BA", "vulnerable": true }, { "criteria": "cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*", "matchCriteriaId": "BDA160D4-5CAB-44E7-880A-59DD98FEAD62", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space." }, { "lang": "es", "value": "Desobordamiento de enteros en la orden de protocolo CVS \"Max-dotdot\" (serve_max_dotdot) en CVS 1.12.x a 1.12.8 y 1.11.x a 1.11.16 puede permitir a atacantes remotos causar una ca\u00edda del servidor, lo que podr\u00eda hacer que datos temporales permanezcan sin detectar y consumir espacio en disco." } ], "id": "CVE-2004-0417", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-06T04:00:00.000", "references": [ { "source": "cve@mitre.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=108716553923643\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.e-matters.de/advisories/092004.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200406-06.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-519" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-233.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1001" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11145" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
midnight_commander | midnight_commander | 4.5.40 | |
midnight_commander | midnight_commander | 4.5.41 | |
midnight_commander | midnight_commander | 4.5.42 | |
midnight_commander | midnight_commander | 4.5.43 | |
midnight_commander | midnight_commander | 4.5.44 | |
midnight_commander | midnight_commander | 4.5.45 | |
midnight_commander | midnight_commander | 4.5.46 | |
midnight_commander | midnight_commander | 4.5.47 | |
midnight_commander | midnight_commander | 4.5.48 | |
midnight_commander | midnight_commander | 4.5.49 | |
midnight_commander | midnight_commander | 4.5.50 | |
midnight_commander | midnight_commander | 4.5.51 | |
midnight_commander | midnight_commander | 4.5.52 | |
midnight_commander | midnight_commander | 4.5.55 | |
midnight_commander | midnight_commander | 4.6 | |
sgi | propack | 2.3 | |
sgi | propack | 2.4 | |
gentoo | linux | 0.5 | |
gentoo | linux | 0.7 | |
gentoo | linux | 1.1a | |
gentoo | linux | 1.2 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
gentoo | linux | 1.4 | |
slackware | slackware_linux | * | |
slackware | slackware_linux | 9.0 | |
slackware | slackware_linux | 9.1 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.40:*:*:*:*:*:*:*", "matchCriteriaId": "EB4028BE-4173-4175-B9EF-A85A47476A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.41:*:*:*:*:*:*:*", "matchCriteriaId": "FC64619A-D8C3-4613-9A51-849DC65DC959", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.42:*:*:*:*:*:*:*", "matchCriteriaId": "0A4BBBE0-E96D-4BCB-BF5B-673888C00AC3", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.43:*:*:*:*:*:*:*", "matchCriteriaId": "D410B4E1-DA7A-4F62-A0F9-E8C5A147BD45", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.44:*:*:*:*:*:*:*", "matchCriteriaId": "949399A7-6E77-4F12-86EE-7B6FBAA16D4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.45:*:*:*:*:*:*:*", "matchCriteriaId": "FDE8085F-84F3-4305-A52B-FEFF05E9FD17", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.46:*:*:*:*:*:*:*", "matchCriteriaId": "D5DA21F1-8700-437C-8D64-70D97A508598", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.47:*:*:*:*:*:*:*", "matchCriteriaId": "B03CA3A4-86E2-4E10-8F56-51B814F51540", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.48:*:*:*:*:*:*:*", "matchCriteriaId": "F5AA5CCF-F160-4092-A7E7-29459E2528F6", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.49:*:*:*:*:*:*:*", "matchCriteriaId": "F2B90B64-72A2-46D3-A6CC-07052FC70740", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.50:*:*:*:*:*:*:*", "matchCriteriaId": "1E7739C2-C590-479E-8A0B-2EC95E836E3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.51:*:*:*:*:*:*:*", "matchCriteriaId": "25C1FE96-BC31-48D3-BB64-F132E17B8244", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.52:*:*:*:*:*:*:*", "matchCriteriaId": "0BFFA28E-B2EA-4F1A-8A05-7F2B05572B99", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.5.55:*:*:*:*:*:*:*", "matchCriteriaId": "E5969E22-C2B8-4440-92D0-EF17ECFECFCD", "vulnerable": true }, { "criteria": "cpe:2.3:a:midnight_commander:midnight_commander:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "98D27DF4-BCF6-4AB8-9117-80E2D1072C6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "26430687-409B-448F-934B-06AB937DDF63", "vulnerable": true }, { "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "980553F2-8662-47CF-95F0-645141746AEA", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "40EBF1CD-B392-4262-8F06-2C784ADAF0F0", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*", "matchCriteriaId": "9C00F84A-FCD4-4935-B7DE-ECBA6AE9B074", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "960DC6C2-B285-41D4-96F7-ED97F8BD5482", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F", "vulnerable": true }, { "criteria": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "57772E3B-893C-408A-AA3B-78C972ED4D5E", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "F432C6C2-8676-4DD5-B9E6-71F6C164EF9D", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "300A6A65-05FD-401C-80F6-B5F5B1F056E0", "vulnerable": true }, { "criteria": "cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA3D53C9-3806-45E6-8AE9-7D41280EF64C", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to \"Insecure temporary file and directory creations.\"" }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades en Midnight Commander (mc) anteriores a 4.6.0, con impacto desconocido, relacionadas con \"creaci\u00f3n insegura de ficheros y directorios temporales.\"" } ], "id": "CVE-2004-0231", "lastModified": "2025-04-03T01:03:51.193", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2004-08-18T04:00:00.000", "references": [ { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://security.gentoo.org/glsa/glsa-200405-21.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.debian.org/security/2004/dsa-497" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:039" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2004_12_mc.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2004-172.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16020" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
var-200412-0007
Vulnerability from variot
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. libtiff of tif_next.c , tif_thunder.c , tif_luv.c In RLE In the process of decompressing a compressed file, a buffer overflow vulnerability exists due to improper bounds checking.Crafted by a third party TIFF Format image files LibTIFF Interpretation via applications and components that use the library will cause the application to crash and cause denial of service (DoS) It may be possible to run into arbitrary code with the privileges of the target user. LibTIFF is affected by multiple buffer-overflow vulnerabilities because the software fails to properly perform boundary checks before copying user-supplied strings into finite process buffers. An attacker may leverage these issues to execute arbitrary code on a vulnerable computer with the privileges of the user running a vulnerable application, facilitating unauthorized access. The attacker may also leverage these issues to crash the affected application. libtiff is an application library responsible for encoding/decoding TIFF image format. kfax is a small tool for displaying FAX files, using the libtiff library. There is a problem with libtiff when processing fax files. kfax calls the libtiff library to process .g3 files. Attackers can build malformed .g3 files and entice users to process them, which can lead to buffer overflows. Carefully constructed file data may execute arbitrary instructions with user process privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 567-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 15th, 2004 http://www.debian.org/security/faq
Package : tiff Vulnerability : heap overflows Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-0803 CAN-2004-0804 CAN-2004-0886
Several problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files.
CAN-2004-0804
Matthias Clasen discovered a division by zero through an integer
overflow.
CAN-2004-0886
Dmitry V. Levin discovered several integer overflows that caused
malloc issues which can result to either plain crash or memory
corruption.
For the stable distribution (woody) these problems have been fixed in version 3.5.5-6woody1.
For the unstable distribution (sid) these problems have been fixed in version 3.6.1-2.
We recommend that you upgrade your libtiff package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc
Size/MD5 checksum: 635 11a374e916d818c05a373feb04cab6a0
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz
Size/MD5 checksum: 36717 6f4d137f7c935d57757313a610dbd389
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8
Alpha architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 141424 18b6e6b621178c1419de8a13a0a62366
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 105148 875257fb73ba05a575d06650c130a545
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 423194 9796f3e82553cedb237f1b574570f143
ARM architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 116928 5ed91b9586d830e8da9a5086fc5a6e76
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 90466 f04c381a418fd33602d1ba30158597d3
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 404262 30f13bfdf54cfca30ee5ca0f6c6d0e4e
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 112068 d15dfdf84f010be08799d456726e1d9d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 81054 293f5c99f0a589917257ec7fee0b92fe
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 387052 9606adb1668decf5ac1ee02a94298e85
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 158774 80c1b7ad68ecc78091ea95414125e81c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 135386 b17f87aa0ad98fc50aa8c137a6f5089c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 446496 757f3b6cc9d3f1ec5a2dfb1c3485caf3
HP Precision architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 128298 46dece015f0282bca0af7f6e740e9d31
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 106788 b837005b41c54c341cbd61e8fdb581ff
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 420346 3a2b91ee22af99eec3ab42d81cf9d59f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 107302 0c702a3e5c2ad7ad7bd96dae64fa2d61
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 79770 d67f4347d35bf898a6ab1914cb53a42f
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 380218 42e6f07cf2e70de01ca40ac4a97254bf
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 124048 85d8c8cbb62cc62c876bf4ed721027cf
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 87840 5f3312f22b0f345c7eae434f5b871993
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 410770 be817ddffa91c423b55fda3388d7ce48
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 123558 42594e9270de16ff802c11eccf7a0efb
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 88198 a8f0abe9205431caf94dce77d11ac477
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 410860 68a12ef6d37fc575105c4ceb9b766949
PowerPC architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 116042 2258da94549ae05ffae643bc40790487
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 89424 c8d782561a299ffb65ea84b59d88117a
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 402372 1eca24adda52b40c7a8d789fdeb3cb2e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 116870 dcddc86a0d96296c07076391adc9d754
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 91742 40c1de704b191e4abb65af8a4b7fd75d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 395332 86d351b75f1f146ddad6d562ca77005c
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 132888 9ed9db78d727ba8bfbb25c1e68b03bf2
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 88556 a4069600bd9295a27d4eb6e9e0995495
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 397026 149e12055c5711129552fa938b5af431
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFBcA4UW5ql+IAeqTIRAgMFAKC3Kbs2MxW5XlOa3aK9oo76W8wt9gCfXzyA fD+15yHAK6bw15bB4ejaGV8= =KPqY -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200412-0007", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "enterprise linux", "scope": "eq", "trust": 1.6, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.6, "vendor": "redhat", "version": "3.0" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.1" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.0" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "1.5" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "8.1" }, { "model": "pdf library", "scope": "eq", "trust": 1.3, "vendor": "pdflib", "version": "5.0.2" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.6.1" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.6.0" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.7" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.5" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.4" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.3" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.2" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.1" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.4" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.3.1" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.3" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.3" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.2" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.1" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.8" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.6" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.5" }, { "model": "fedora core", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "core_2.0" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.5" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.6" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "1.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9.1" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.6" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.6" }, { "model": "wxgtk2", "scope": "eq", "trust": 1.0, "vendor": "wxgtk2", "version": "2.5_.0" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.4" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.4" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.3" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "10.0" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.5" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.4" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.4" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.5" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.7" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.7" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.3" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.2" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.8" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apple computer", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "debian", "version": null }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "turbolinux", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10_f" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (hosting)" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (workgroup)" }, { "model": "turbolinux desktop", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "turbolinux workstation", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux workstation", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "home", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1" }, { "model": "wxgtk2", "scope": "eq", "trust": 0.3, "vendor": "wxgtk2", "version": "2.5.0" }, { "model": "wxgtk2", "scope": null, "trust": 0.3, "vendor": "wxgtk2", "version": null }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "tetex", "scope": "eq", "trust": 0.3, "vendor": "tetex", "version": "1.0.7" }, { "model": "tetex", "scope": "eq", "trust": 0.3, "vendor": "tetex", "version": "1.0.6" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "1.0" }, { "model": "solaris 9 x86 update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "2" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "9" }, { "model": "solaris 8 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 8 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 7.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "7.0" }, { "model": "solaris 10 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 10.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.4" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.1" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.2" }, { "model": "fedora core2", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "do not use", "scope": null, "trust": 0.3, "vendor": "libtiff", "version": null }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "modular messaging s3400", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mn100", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "integrated management", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "pdf library p1", "scope": "ne", "trust": 0.3, "vendor": "pdflib", "version": "5.0.4" }, { "model": "kde", "scope": "ne", "trust": 0.3, "vendor": "kde", "version": "3.3.2" } ], "sources": [ { "db": "CERT/CC", "id": "VU#948752" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "CNNVD", "id": "CNNVD-200412-097" }, { "db": "NVD", "id": "CVE-2004-0803" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:sun:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000443" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Chris Evans\u203b chris@ferret.lmh.ox.ac.uk", "sources": [ { "db": "CNNVD", "id": "CNNVD-200412-097" } ], "trust": 0.6 }, "cve": "CVE-2004-0803", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2004-0803", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-9233", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2004-0803", "trust": 1.0, "value": "HIGH" }, { "author": "CARNEGIE MELLON", "id": "VU#948752", "trust": 0.8, "value": "7.43" }, { "author": "NVD", "id": "CVE-2004-0803", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-200412-097", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-9233", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#948752" }, { "db": "VULHUB", "id": "VHN-9233" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "CNNVD", "id": "CNNVD-200412-097" }, { "db": "NVD", "id": "CVE-2004-0803" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. libtiff of tif_next.c , tif_thunder.c , tif_luv.c In RLE In the process of decompressing a compressed file, a buffer overflow vulnerability exists due to improper bounds checking.Crafted by a third party TIFF Format image files LibTIFF Interpretation via applications and components that use the library will cause the application to crash and cause denial of service (DoS) It may be possible to run into arbitrary code with the privileges of the target user. LibTIFF is affected by multiple buffer-overflow vulnerabilities because the software fails to properly perform boundary checks before copying user-supplied strings into finite process buffers. \nAn attacker may leverage these issues to execute arbitrary code on a vulnerable computer with the privileges of the user running a vulnerable application, facilitating unauthorized access. The attacker may also leverage these issues to crash the affected application. libtiff is an application library responsible for encoding/decoding TIFF image format. kfax is a small tool for displaying FAX files, using the libtiff library. There is a problem with libtiff when processing fax files. kfax calls the libtiff library to process .g3 files. Attackers can build malformed .g3 files and entice users to process them, which can lead to buffer overflows. Carefully constructed file data may execute arbitrary instructions with user process privileges. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 567-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nOctober 15th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tiff\nVulnerability : heap overflows\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-0803 CAN-2004-0804 CAN-2004-0886\n\nSeveral problems have been discovered in libtiff, the Tag Image File\nFormat library for processing TIFF graphics files. \n\nCAN-2004-0804\n\n Matthias Clasen discovered a division by zero through an integer\n overflow. \n\nCAN-2004-0886\n\n Dmitry V. Levin discovered several integer overflows that caused\n malloc issues which can result to either plain crash or memory\n corruption. \n\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 3.5.5-6woody1. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 3.6.1-2. \n\nWe recommend that you upgrade your libtiff package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc\n Size/MD5 checksum: 635 11a374e916d818c05a373feb04cab6a0\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz\n Size/MD5 checksum: 36717 6f4d137f7c935d57757313a610dbd389\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz\n Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 141424 18b6e6b621178c1419de8a13a0a62366\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 105148 875257fb73ba05a575d06650c130a545\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 423194 9796f3e82553cedb237f1b574570f143\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 116928 5ed91b9586d830e8da9a5086fc5a6e76\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 90466 f04c381a418fd33602d1ba30158597d3\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 404262 30f13bfdf54cfca30ee5ca0f6c6d0e4e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 112068 d15dfdf84f010be08799d456726e1d9d\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 81054 293f5c99f0a589917257ec7fee0b92fe\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 387052 9606adb1668decf5ac1ee02a94298e85\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 158774 80c1b7ad68ecc78091ea95414125e81c\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 135386 b17f87aa0ad98fc50aa8c137a6f5089c\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 446496 757f3b6cc9d3f1ec5a2dfb1c3485caf3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 128298 46dece015f0282bca0af7f6e740e9d31\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 106788 b837005b41c54c341cbd61e8fdb581ff\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 420346 3a2b91ee22af99eec3ab42d81cf9d59f\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 107302 0c702a3e5c2ad7ad7bd96dae64fa2d61\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 79770 d67f4347d35bf898a6ab1914cb53a42f\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 380218 42e6f07cf2e70de01ca40ac4a97254bf\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 124048 85d8c8cbb62cc62c876bf4ed721027cf\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 87840 5f3312f22b0f345c7eae434f5b871993\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 410770 be817ddffa91c423b55fda3388d7ce48\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 123558 42594e9270de16ff802c11eccf7a0efb\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 88198 a8f0abe9205431caf94dce77d11ac477\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 410860 68a12ef6d37fc575105c4ceb9b766949\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 116042 2258da94549ae05ffae643bc40790487\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 89424 c8d782561a299ffb65ea84b59d88117a\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 402372 1eca24adda52b40c7a8d789fdeb3cb2e\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 116870 dcddc86a0d96296c07076391adc9d754\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 91742 40c1de704b191e4abb65af8a4b7fd75d\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 395332 86d351b75f1f146ddad6d562ca77005c\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 132888 9ed9db78d727ba8bfbb25c1e68b03bf2\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 88556 a4069600bd9295a27d4eb6e9e0995495\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 397026 149e12055c5711129552fa938b5af431\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.5 (GNU/Linux)\n\niD8DBQFBcA4UW5ql+IAeqTIRAgMFAKC3Kbs2MxW5XlOa3aK9oo76W8wt9gCfXzyA\nfD+15yHAK6bw15bB4ejaGV8=\n=KPqY\n-----END PGP SIGNATURE-----\n\n", "sources": [ { "db": "NVD", "id": "CVE-2004-0803" }, { "db": "CERT/CC", "id": "VU#948752" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "BID", "id": "11406" }, { "db": "VULHUB", "id": "VHN-9233" }, { "db": "PACKETSTORM", "id": "34737" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2004-0803", "trust": 3.8 }, { "db": "CERT/CC", "id": "VU#948752", "trust": 3.3 }, { "db": "BID", "id": "11406", "trust": 2.8 }, { "db": "SECUNIA", "id": "12818", "trust": 2.5 }, { "db": "XF", "id": "17703", "trust": 1.4 }, { "db": "SECTRACK", "id": "1011667", "trust": 0.8 }, { "db": "OSVDB", "id": "10750", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2004-000443", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200412-097", "trust": 0.7 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:100114", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:8896", "trust": 0.6 }, { "db": "SUSE", "id": "SUSE-SA:2004:038", "trust": 0.6 }, { "db": "MANDRAKE", "id": "MDKSA-2004:109", "trust": 0.6 }, { "db": "MANDRAKE", "id": "MDKSA-2005:052", "trust": 0.6 }, { "db": "SUNALERT", "id": "101677", "trust": 0.6 }, { "db": "SUNALERT", "id": "201072", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200410-11", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:021", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2004:577", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:354", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20041013 CESA-2004-006: LIBTIFF", "trust": 0.6 }, { "db": "CONECTIVA", "id": "CLA-2004:888", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-567", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "34684", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "34737", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-9233", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#948752" }, { "db": "VULHUB", "id": "VHN-9233" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "PACKETSTORM", "id": "34684" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "CNNVD", "id": "CNNVD-200412-097" }, { "db": "NVD", "id": "CVE-2004-0803" } ] }, "id": "VAR-200412-0007", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-9233" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T12:14:51.606000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "libtiff", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/libtiff.html" }, { "title": "AXSA-2005-62:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=184" }, { "title": "RHSA-2005:021", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-021.html" }, { "title": "RHSA-2005:354", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-354.html" }, { "title": "RHSA-2004:577", "trust": 0.8, "url": "http://rhn.redhat.com/errata/RHSA-2004-577.html" }, { "title": "101677", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "title": "TLSA-2005-4", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-4.txt" }, { "title": "RHSA-2005:021", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-021J.html" }, { "title": "RHSA-2005:354", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-354J.html" }, { "title": "RHSA-2004:577", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-577J.html" }, { "title": "TLSA-2005-4", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-4j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000443" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0803" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://scary.beasts.org/security/cesa-2004-006.txt" }, { "trust": 2.5, "url": "http://www.securityfocus.com/bid/11406" }, { "trust": 2.5, "url": "http://www.kb.cert.org/vuls/id/948752" }, { "trust": 2.0, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "trust": 1.7, "url": "http://www.kde.org/info/security/advisory-20041209-2.txt" }, { "trust": 1.7, "url": "http://www.debian.org/security/2004/dsa-567" }, { "trust": 1.7, "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-11.xml" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:109" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:052" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-577.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2005-021.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2005-354.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/12818" }, { "trust": 1.7, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "trust": 1.7, "url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html" }, { "trust": 1.6, "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/17703" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a100114" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a8896" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17703" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=109778785107450\u0026w=2" }, { "trust": 0.8, "url": "http://securitytracker.com/alerts/2004/oct/1011667.html" }, { "trust": 0.8, "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10750" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0803" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0803" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23948752" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0803" }, { "trust": 0.8, "url": "http://secunia.com/advisories/12818/" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:8896" }, { "trust": 0.6, "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=109778785107450\u0026w=2" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:100114" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57769-1" }, { "trust": 0.3, "url": "http://www.libtiff.org/" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-577.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-021.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-354.html" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1\u0026searchclause=" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-002_rhsa-2004-577.pdf" }, { "trust": 0.3, "url": "/archive/1/378421" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0803" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=109778785107450\u0026amp;w=2" }, { "trust": 0.1, "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026amp;anuncio=000888" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0804" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0886" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb" } ], "sources": [ { "db": "CERT/CC", "id": "VU#948752" }, { "db": "VULHUB", "id": "VHN-9233" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "PACKETSTORM", "id": "34684" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "CNNVD", "id": "CNNVD-200412-097" }, { "db": "NVD", "id": "CVE-2004-0803" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#948752" }, { "db": "VULHUB", "id": "VHN-9233" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "db": "PACKETSTORM", "id": "34684" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "CNNVD", "id": "CNNVD-200412-097" }, { "db": "NVD", "id": "CVE-2004-0803" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2004-12-01T00:00:00", "db": "CERT/CC", "id": "VU#948752" }, { "date": "2004-12-23T00:00:00", "db": "VULHUB", "id": "VHN-9233" }, { "date": "2004-10-13T00:00:00", "db": "BID", "id": "11406" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "date": "2004-10-20T02:32:00", "db": "PACKETSTORM", "id": "34684" }, { "date": "2004-10-26T02:30:56", "db": "PACKETSTORM", "id": "34737" }, { "date": "2004-10-14T00:00:00", "db": "CNNVD", "id": "CNNVD-200412-097" }, { "date": "2004-12-23T05:00:00", "db": "NVD", "id": "CVE-2004-0803" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2005-03-17T00:00:00", "db": "CERT/CC", "id": "VU#948752" }, { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-9233" }, { "date": "2009-05-05T15:46:00", "db": "BID", "id": "11406" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000443" }, { "date": "2009-02-05T00:00:00", "db": "CNNVD", "id": "CNNVD-200412-097" }, { "date": "2017-10-11T01:29:34.373000", "db": "NVD", "id": "CVE-2004-0803" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200412-097" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "LibTIFF contains multiple heap-based buffer overflows", "sources": [ { "db": "CERT/CC", "id": "VU#948752" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Boundary Condition Error", "sources": [ { "db": "BID", "id": "11406" }, { "db": "CNNVD", "id": "CNNVD-200412-097" } ], "trust": 0.9 } }
var-200407-0075
Vulnerability from variot
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. mod_ssl Is httpd.conf In SSLOptions Is a directive option FakeBasicAuth If enabled, a buffer overflow vulnerability exists.SSL Is enabled Apache HTTP Server Service disruption at (DoS) It may be in a state. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. Oracle has released a Critical Patch Update to address these issues in various supported applications and platforms. Other non-supported versions may be affected, but Symantec has not confirmed this. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. This BID will be divided and updated into separate BIDs when more information is available. A stack-based buffer overflow has been reported in the Apache 'mod_ssl' module. This issue is exposed in utility code for uuencoding binary data. This issue would most likely result in a denial of service if triggered, but could theoretically allow arbitrary code to run. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, but this may not be the case with other architectures. Mod_SSL is the SSL implementation on the Apache server, used to provide encryption support for the Apache web server. A remote attacker can use the ssl_engine_kernel.c module that uses this function to conduct a denial of service attack or execute arbitrary instructions in the WEB process
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200407-0075", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "debian", "version": "3.0" }, { "model": "http server", "scope": "gte", "trust": 1.0, "vendor": "apache", "version": "2.0.35" }, { "model": "enterprise linux workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "enterprise linux server", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "http server", "scope": "lt", "trust": 1.0, "vendor": "apache", "version": "2.0.50" }, { "model": "secure linux", "scope": "eq", "trust": 0.9, "vendor": "trustix", "version": "2.1" }, { "model": "secure linux", "scope": "eq", "trust": 0.9, "vendor": "trustix", "version": "1.5" }, { "model": "secure linux", "scope": "eq", "trust": 0.9, "vendor": "trustix", "version": "2.0" }, { "model": "http server", "scope": "lte", "trust": 0.8, "vendor": "apache", "version": "2.0.49" }, { "model": "mod ssl", "scope": "lte", "trust": 0.8, "vendor": "modssl", "version": "2.8.17" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "1.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "cobalt raq550", "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "6.5" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.00" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.04" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.11" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.22" }, { "model": "hp-ux", "scope": "eq", "trust": 0.8, "vendor": "hewlett packard", "version": "11.23" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "oneworld xe/erp8 applications sp22", "scope": null, "trust": 0.3, "vendor": "peoplesoft", "version": null }, { "model": "enterpriseone applications", "scope": "eq", "trust": 0.3, "vendor": "peoplesoft", "version": "8.93" }, { "model": "enterpriseone applications sp2", "scope": "eq", "trust": 0.3, "vendor": "peoplesoft", "version": "8.9" }, { "model": "oracle9i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.6" }, { "model": "oracle9i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.0.5" }, { "model": "oracle9i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4" }, { "model": "oracle9i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.5" }, { "model": "oracle9i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.4" }, { "model": "oracle9i personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.6" }, { "model": "oracle9i personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.0.5" }, { "model": "oracle9i personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4" }, { "model": "oracle9i personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.5" }, { "model": "oracle9i personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.4" }, { "model": "oracle9i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.6.0" }, { "model": "oracle9i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.2.0.5" }, { "model": "oracle9i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4" }, { "model": "oracle9i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.5" }, { "model": "oracle9i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.1.4" }, { "model": "oracle9i application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.3.1" }, { "model": "oracle9i application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.2.3" }, { "model": "oracle9i application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "1.0.2.2" }, { "model": "oracle8i standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.1.7.4" }, { "model": "oracle8i enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "8.1.7.4.0" }, { "model": "oracle10g standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.4" }, { "model": "oracle10g standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3.1" }, { "model": "oracle10g standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3" }, { "model": "oracle10g standard edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.2" }, { "model": "oracle10g personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.4" }, { "model": "oracle10g personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3.1" }, { "model": "oracle10g personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3" }, { "model": "oracle10g personal edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.2" }, { "model": "oracle10g enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.4" }, { "model": "oracle10g enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3.1" }, { "model": "oracle10g enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3" }, { "model": "oracle10g enterprise edition", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.2" }, { "model": "oracle10g application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.2" }, { "model": "oracle10g application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.3.1" }, { "model": "oracle10g application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4.1" }, { "model": "oracle10g application server", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4.0" }, { "model": "enterprise manager grid control 10g", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.3" }, { "model": "enterprise manager grid control 10g", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "10.1.0.2" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4.1" }, { "model": "enterprise manager", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "9.0.4.0" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.10" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.9" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.8" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.7" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.6" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.5" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.4" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.3" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.2" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5.1" }, { "model": "e-business suite 11i", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.5" }, { "model": "e-business suite", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "11.0" }, { "model": "collaboration suite release", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "29.0.4.2" }, { "model": "collaboration suite release", "scope": "eq", "trust": 0.3, "vendor": "oracle", "version": "29.0.4.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.49" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.35" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "hp-ux b.11.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.12" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.9" }, { "model": "stronghold", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "-current", "scope": null, "trust": 0.3, "vendor": "openbsd", "version": null }, { "model": "hp-ux b.11.22", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.5" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.1" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.28" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.39" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.7" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.32" }, { "model": "-dev", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.7" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "webproxy a.02.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "tinysofa", "version": "1.0" }, { "model": "compaq secure web server for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.2" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.22" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.9" }, { "model": "virtualvault a.04.70", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.43" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.47" }, { "model": "linux mandrake ppc", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.20" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.26" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.25" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.37" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.14" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.11" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.4" }, { "model": "network proxy (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4)4.2" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3-1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "gentoo", "version": "1.4" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "linux i686", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.3-2" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.48" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.45" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.12" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.38" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.10" }, { "model": "openvms secure web server", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.2-2" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "virtualvault a.04.50", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.46" }, { "model": "compaq secure web server for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "1.3" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.44" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.24" }, { "model": "beta", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.28" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.40" }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.4" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.16" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.23" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3" }, { "model": "webproxy a.02.10", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "compaq secure web server for openvms", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "virtualvault a.04.60", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.19" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.18" }, { "model": "compaq secure web server for openvms php", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "2.0" }, { "model": "enterprise server -u1", "scope": "eq", "trust": 0.3, "vendor": "tinysofa", "version": "1.0" }, { "model": "a9", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.27" }, { "model": "hp-ux b.11.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "network proxy (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3)4.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.42" }, { "model": "apache", "scope": "ne", "trust": 0.3, "vendor": "apache", "version": "2.0.50" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.28" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.3" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.36" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "2.0.41" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.29" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.6" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.17" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "apache", "scope": "eq", "trust": 0.3, "vendor": "apache", "version": "1.3.31" }, { "model": "mod ssl", "scope": "eq", "trust": 0.3, "vendor": "mod ssl", "version": "2.8.15" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "2.4" } ], "sources": [ { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "CNNVD", "id": "CNNVD-200407-016" }, { "db": "NVD", "id": "CVE-2004-0488" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:apache:http_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:mod_ssl:mod_ssl", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/h:sun:sun_cobalt_raq_550", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:hp:hp-ux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000199" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Georgi Guninski\u203b guninski@guninski.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200407-016" } ], "trust": 0.6 }, "cve": "CVE-2004-0488", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2004-0488", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-8918", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2004-0488", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2004-0488", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-200407-016", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-8918", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-8918" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "CNNVD", "id": "CNNVD-200407-016" }, { "db": "NVD", "id": "CVE-2004-0488" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. mod_ssl Is httpd.conf In SSLOptions Is a directive option FakeBasicAuth If enabled, a buffer overflow vulnerability exists.SSL Is enabled Apache HTTP Server Service disruption at (DoS) It may be in a state. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. \nOracle has released a Critical Patch Update to address these issues in various supported applications and platforms. Other non-supported versions may be affected, but Symantec has not confirmed this. \nThe issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. \nThis BID will be divided and updated into separate BIDs when more information is available. A stack-based buffer overflow has been reported in the Apache \u0027mod_ssl\u0027 module. \nThis issue is exposed in utility code for uuencoding binary data. \nThis issue would most likely result in a denial of service if triggered, but could theoretically allow arbitrary code to run. The issue is not believed to be exploitable to execute arbitrary code on x86 architectures, but this may not be the case with other architectures. Mod_SSL is the SSL implementation on the Apache server, used to provide encryption support for the Apache web server. A remote attacker can use the ssl_engine_kernel.c module that uses this function to conduct a denial of service attack or execute arbitrary instructions in the WEB process", "sources": [ { "db": "NVD", "id": "CVE-2004-0488" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" }, { "db": "VULHUB", "id": "VHN-8918" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2004-0488", "trust": 3.1 }, { "db": "BID", "id": "10355", "trust": 2.8 }, { "db": "JVNDB", "id": "JVNDB-2004-000199", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200407-016", "trust": 0.7 }, { "db": "BID", "id": "13139", "trust": 0.3 }, { "db": "SEEBUG", "id": "SSVID-87504", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-8918", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-8918" }, { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "CNNVD", "id": "CNNVD-200407-016" }, { "db": "NVD", "id": "CVE-2004-0488" } ] }, "id": "VAR-200407-0075", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-8918" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T13:01:07.751000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "2.0 CHANGES", "trust": 0.8, "url": "http://www.apache.org/dist/httpd/CHANGES_2.0" }, { "title": "HPSBUX01068", "trust": 0.8, "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01068" }, { "title": "HPSBUX01064", "trust": 0.8, "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX01064" }, { "title": "HPSBUX01068", "trust": 0.8, "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01068.html" }, { "title": "HPSBUX01064", "trust": 0.8, "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX01064.html" }, { "title": "mod_ssl", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/mod_ssl.html" }, { "title": "httpd", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/httpd.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.modssl.org/" }, { "title": "RHSA-2004:245", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-245.html" }, { "title": "RHSA-2004:342", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-342.html" }, { "title": "550 Apache and Openssl Security Update 0.0.1", "trust": 0.8, "url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng" }, { "title": "TLSA-2006-32", "trust": 0.8, "url": "http://www.turbolinux.com/security/2006/TLSA-2006-32.txt" }, { "title": "RHSA-2004:245", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-245J.html" }, { "title": "RHSA-2004:342", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-342J.html" }, { "title": "TLSA-2006-32", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2006/TLSA-2006-32j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000199" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0488" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/10355" }, { "trust": 2.0, "url": "http://rhn.redhat.com/errata/rhsa-2004-245.html" }, { "trust": 1.7, "url": "http://www.debian.org/security/2004/dsa-532" }, { "trust": 1.7, "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1888" }, { "trust": 1.7, "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/021610.html" }, { "trust": 1.7, "url": "http://security.gentoo.org/glsa/glsa-200406-05.xml" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:054" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:055" }, { "trust": 1.7, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11458" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-342.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-405.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2005-816.html" }, { "trust": 1.7, "url": "http://www.trustix.net/errata/2004/0031/" }, { "trust": 1.7, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16214" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=109215056218824\u0026w=2" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=108619129727620\u0026w=2" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=109181600614477\u0026w=2" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=108567431823750\u0026w=2" }, { "trust": 1.1, "url": "ftp://patches.sgi.com/support/free/security/advisories/20040605-01-u.asc" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab%40%3ccvs.httpd.apache.org%3e" }, { "trust": 1.0, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0488" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0488" }, { "trust": 0.6, "url": "httpd.apache.org%3e" }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs." }, { "trust": 0.6, "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs." }, { "trust": 0.3, "url": "http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf" }, { "trust": 0.3, "url": "http://www.oracle.com/index.html" }, { "trust": 0.3, "url": "http://www.peoplesoft.com:80/corp/en/support/security_index.jsp" }, { "trust": 0.3, "url": "/archive/1/395699" }, { "trust": 0.3, "url": "http://httpd.apache.org/" }, { "trust": 0.3, "url": "http://www.modssl.org" }, { "trust": 0.3, "url": "http://www.openbsd.org/errata.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-342.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-405.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-816.html" }, { "trust": 0.3, "url": "http://www4.itrc.hp.com/service/cki/docdisplay.do?admit=-938907319+1097930936036+28353475\u0026docid=hpsbov01083" }, { "trust": 0.3, "url": "http://www.tinysofa.org/support/errata/2004/008.html" }, { "trust": 0.3, "url": "http://support.avaya.com/japple/css/japple?temp.groupid=128450\u0026temp.selectedfamily=128451\u0026temp.selectedproduct=154235\u0026temp.selectedbucket=126655\u0026temp.feedbackstate=askforfeedback\u0026temp.documentid=19466" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2008-0523.html" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=108567431823750\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=108619129727620\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=109181600614477\u0026amp;w=2" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=109215056218824\u0026amp;w=2" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/re895fc1736d25c8cf57e102c871613b8aeec9ea26fd8a44e7942b5ab@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/rd65d8ba68ba17e7deedafbf5bb4899f2ae4dad781d21b931c2941ac3@%3ccvs.httpd.apache.org%3e" }, { "trust": 0.1, "url": "https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3ccvs.httpd.apache.org%3e" } ], "sources": [ { "db": "VULHUB", "id": "VHN-8918" }, { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "CNNVD", "id": "CNNVD-200407-016" }, { "db": "NVD", "id": "CVE-2004-0488" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-8918" }, { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" }, { "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "db": "CNNVD", "id": "CNNVD-200407-016" }, { "db": "NVD", "id": "CVE-2004-0488" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2004-07-07T00:00:00", "db": "VULHUB", "id": "VHN-8918" }, { "date": "2005-04-12T00:00:00", "db": "BID", "id": "13139" }, { "date": "2004-05-17T00:00:00", "db": "BID", "id": "10355" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "date": "2003-07-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200407-016" }, { "date": "2004-07-07T04:00:00", "db": "NVD", "id": "CVE-2004-0488" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-8918" }, { "date": "2006-05-05T23:30:00", "db": "BID", "id": "13139" }, { "date": "2008-07-01T00:40:00", "db": "BID", "id": "10355" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000199" }, { "date": "2022-09-26T00:00:00", "db": "CNNVD", "id": "CNNVD-200407-016" }, { "date": "2023-11-07T01:56:42.070000", "db": "NVD", "id": "CVE-2004-0488" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "13139" }, { "db": "BID", "id": "10355" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Apache HTTP Server of mod_ssl Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000199" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-200407-016" } ], "trust": 0.6 } }
var-200501-0287
Vulnerability from variot
Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default. Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. LibTIFF is affected by multiple buffer-overflow vulnerabilities because the software fails to properly perform boundary checks before copying user-supplied strings into finite process buffers. An attacker may leverage these issues to execute arbitrary code on a vulnerable computer with the privileges of the user running a vulnerable application, facilitating unauthorized access. The attacker may also leverage these issues to crash the affected application. libtiff is an application library responsible for encoding/decoding the TIFF image format. Impacts of other vulnerabilities addressed by the update include disclosure of information and denial of service.
I. Description
Apple Security Update 2005-005 resolves a number of vulnerabilities affecting Mac OS X and OS X Server. (CAN-2004-0594)
Please note that Apple Security Update 2005-005 addresses additional vulnerabilities not described above. As further information becomes available, we will publish individual Vulnerability Notes.
II. Impact
The impacts of these vulnerabilities vary, for information about specific impacts please see the Vulnerability Notes. Potential consequences include remote execution of arbitrary code or commands, disclosure of sensitive information, and denial of service.
III. Solution
Install an Update
Install the update as described in Apple Security Update 2005-005.
Appendix A. References
* US-CERT Vulnerability Note VU#582934 -
<http://www.kb.cert.org/vuls/id/582934>
* US-CERT Vulnerability Note VU#258390 -
<http://www.kb.cert.org/vuls/id/258390>
* US-CERT Vulnerability Note VU#331694 -
<http://www.kb.cert.org/vuls/id/331694>
* US-CERT Vulnerability Note VU#706838 -
<http://www.kb.cert.org/vuls/id/706838>
* US-CERT Vulnerability Note VU#539110 -
<http://www.kb.cert.org/vuls/id/539110>
* US-CERT Vulnerability Note VU#354486 -
<http://www.kb.cert.org/vuls/id/354486>
* US-CERT Vulnerability Note VU#882750 -
<http://www.kb.cert.org/vuls/id/882750>
* US-CERT Vulnerability Note VU#537878 -
<http://www.kb.cert.org/vuls/id/537878>
* US-CERT Vulnerability Note VU#125598 -
<http://www.kb.cert.org/vuls/id/125598>
* US-CERT Vulnerability Note VU#356070 -
<http://www.kb.cert.org/vuls/id/356070>
* Apple Security Update 2005-005 -
<http://docs.info.apple.com/article.html?artnum=301528>
These vulnerabilities were discovered by several people and reported in Apple Security Update 2005-005. Please see the Vulnerability Notes for individual reporter acknowledgements.
Feedback can be directed to the authors: Jeffrey Gennari and Jason Rafail.
Copyright 2005 Carnegie Mellon University. Terms of use
Revision History
May 16, 2005: Initial release Last updated May 16, 2005 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBQojwRBhoSezw4YfQAQKb1gf/a7XQAZQR+t5+FpzRoUrJyVIg3Mf1IISP yS5GLgfwC+4GuDEd/BA51+591OhNAWa1hO2JAUQwJ799VL7vAY6vbDW84c+S0eQ+ J+FHgddUsuvRtmsXCg2Fin1JRG4hCqBQ9q2S0h4+fM7yWSdLOY7xeAAwPOwG+bsU AVjDMNiPACHxw7CNQ8qpPXFfo3qrV+oj55F62TbR0fujtil6yQR3lE9wSeiuLs/i KgQFZlHMEoAwQnghwLk7eQLkzGD9eAZ+pZ7Ny0AvF7avhGflh2nFNe2acFoJ2Iw7 /gMXj/uN/ZpDssS37y38LIvyA3kIQrSlEW7iKf1wi2eQ3ntjyv/9NA== =uqBU -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 567-1 security@debian.org http://www.debian.org/security/ Martin Schulze October 15th, 2004 http://www.debian.org/security/faq
Package : tiff Vulnerability : heap overflows Problem-Type : remote Debian-specific: no CVE ID : CAN-2004-0803 CAN-2004-0804 CAN-2004-0886
Several problems have been discovered in libtiff, the Tag Image File Format library for processing TIFF graphics files. The Common Vulnerabilities and Exposures Project has identified the following problems:
CAN-2004-0803
Chris Evans discovered several problems in the RLE (run length
encoding) decoders that could lead to arbitrary code execution.
CAN-2004-0804
Matthias Clasen discovered a division by zero through an integer
overflow.
CAN-2004-0886
Dmitry V.
For the stable distribution (woody) these problems have been fixed in version 3.5.5-6woody1.
For the unstable distribution (sid) these problems have been fixed in version 3.6.1-2.
We recommend that you upgrade your libtiff package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc
Size/MD5 checksum: 635 11a374e916d818c05a373feb04cab6a0
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz
Size/MD5 checksum: 36717 6f4d137f7c935d57757313a610dbd389
http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz
Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8
Alpha architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 141424 18b6e6b621178c1419de8a13a0a62366
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 105148 875257fb73ba05a575d06650c130a545
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb
Size/MD5 checksum: 423194 9796f3e82553cedb237f1b574570f143
ARM architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 116928 5ed91b9586d830e8da9a5086fc5a6e76
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 90466 f04c381a418fd33602d1ba30158597d3
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb
Size/MD5 checksum: 404262 30f13bfdf54cfca30ee5ca0f6c6d0e4e
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 112068 d15dfdf84f010be08799d456726e1d9d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 81054 293f5c99f0a589917257ec7fee0b92fe
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb
Size/MD5 checksum: 387052 9606adb1668decf5ac1ee02a94298e85
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 158774 80c1b7ad68ecc78091ea95414125e81c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 135386 b17f87aa0ad98fc50aa8c137a6f5089c
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb
Size/MD5 checksum: 446496 757f3b6cc9d3f1ec5a2dfb1c3485caf3
HP Precision architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 128298 46dece015f0282bca0af7f6e740e9d31
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 106788 b837005b41c54c341cbd61e8fdb581ff
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb
Size/MD5 checksum: 420346 3a2b91ee22af99eec3ab42d81cf9d59f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 107302 0c702a3e5c2ad7ad7bd96dae64fa2d61
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 79770 d67f4347d35bf898a6ab1914cb53a42f
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb
Size/MD5 checksum: 380218 42e6f07cf2e70de01ca40ac4a97254bf
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 124048 85d8c8cbb62cc62c876bf4ed721027cf
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 87840 5f3312f22b0f345c7eae434f5b871993
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb
Size/MD5 checksum: 410770 be817ddffa91c423b55fda3388d7ce48
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 123558 42594e9270de16ff802c11eccf7a0efb
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 88198 a8f0abe9205431caf94dce77d11ac477
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb
Size/MD5 checksum: 410860 68a12ef6d37fc575105c4ceb9b766949
PowerPC architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 116042 2258da94549ae05ffae643bc40790487
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 89424 c8d782561a299ffb65ea84b59d88117a
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb
Size/MD5 checksum: 402372 1eca24adda52b40c7a8d789fdeb3cb2e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 116870 dcddc86a0d96296c07076391adc9d754
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 91742 40c1de704b191e4abb65af8a4b7fd75d
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb
Size/MD5 checksum: 395332 86d351b75f1f146ddad6d562ca77005c
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 132888 9ed9db78d727ba8bfbb25c1e68b03bf2
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 88556 a4069600bd9295a27d4eb6e9e0995495
http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb
Size/MD5 checksum: 397026 149e12055c5711129552fa938b5af431
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00600177 Version: 1
HPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary Code Execution, Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
References: CERT VU#537878, VU#882750
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.00, B.11.11, B.11.23 running Motif applications.
BACKGROUND
Potential vulnerabilities have been reported with the handling of XPixMap format data: http://www.kb.cert.org/vuls/id/882750 http://www.kb.cert.org/vuls/id/537878
AFFECTED VERSIONS
HP-UX B.11.00
X11.MOTIF-SHLIB action: install PHSS_33129 or subsequent
HP-UX B.11.11
X11.MOTIF-SHLIB action: install PHSS_33130 or subsequent
HP-UX B.11.23
X11.MOTIF-SHLIB action: install PHSS_33132 or subsequent
RESOLUTION HP has made the following patches available to resolve the issue. The patches can be downloaded from http://itrc.hp.com
HP-UX B.11.00 PHSS_33129 or subsequent HP-UX B.11.11 PHSS_33130 or subsequent HP-UX B.11.23 PHSS_33132 or subsequent
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all HP-issued Security Bulletins to provide a subset of recommended actions that potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA
HISTORY Version:1 (rev.1) 17 May 2006 Initial release
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com. It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key
Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA& langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC
On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches - check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems - verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
-
The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW, MA = HP Management Agents, MI = Misc. 3rd party SW, MP = HP MPE/iX, NS = HP NonStop Servers, OV = HP OpenVMS, PI = HP Printing & Imaging, ST = HP Storage SW, TL = HP Trusted Linux, TU = HP Tru64 UNIX, UX = HP-UX, VV = HP Virtual Vault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
(c)Copyright 2006 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0287", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": null, "trust": 6.4, "vendor": "apple computer", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 1.6, "vendor": "redhat", "version": "2.1" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.1" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.0" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "1.5" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "8.1" }, { "model": "pdf library", "scope": "eq", "trust": 1.3, "vendor": "pdflib", "version": "5.0.2" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.6.1" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.6.0" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.7" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.5" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.4" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.3" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.2" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.5.1" }, { "model": "libtiff", "scope": "eq", "trust": 1.3, "vendor": "libtiff", "version": "3.4" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.3.1" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.3" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.3" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.2" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2.1" }, { "model": "kde", "scope": "eq", "trust": 1.3, "vendor": "kde", "version": "3.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.8" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.6" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.5" }, { "model": "fedora core", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "core_2.0" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.5" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.6" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "1.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9.1" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.6" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.6" }, { "model": "wxgtk2", "scope": "eq", "trust": 1.0, "vendor": "wxgtk2", "version": "2.5_.0" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.4" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.4" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.3" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "10.0" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.5" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.1" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.4" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.1" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.4" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.5" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.2" }, { "model": "wxgtk2", "scope": "eq", "trust": 1.0, "vendor": "wxgtk2", "version": "*" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.7" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.7" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.3" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.2" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8.2" }, { "model": "mac os x server", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.3.2" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.2.8" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "red hat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "turbolinux", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10_f" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (hosting)" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (workgroup)" }, { "model": "turbolinux desktop", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "turbolinux workstation", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux workstation", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "home", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1" }, { "model": "wxgtk2", "scope": "eq", "trust": 0.3, "vendor": "wxgtk2", "version": "2.5.0" }, { "model": "wxgtk2", "scope": null, "trust": 0.3, "vendor": "wxgtk2", "version": null }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "tetex", "scope": "eq", "trust": 0.3, "vendor": "tetex", "version": "1.0.7" }, { "model": "tetex", "scope": "eq", "trust": 0.3, "vendor": "tetex", "version": "1.0.6" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "1.0" }, { "model": "solaris 9 x86 update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "2" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "9" }, { "model": "solaris 8 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 8 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 7.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "7.0" }, { "model": "solaris 10 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris 10.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.4" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.1" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.2" }, { "model": "fedora core2", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "3.0" }, { "model": "do not use", "scope": null, "trust": 0.3, "vendor": "libtiff", "version": null }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "modular messaging s3400", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mn100", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "integrated management", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "pdf library p1", "scope": "ne", "trust": 0.3, "vendor": "pdflib", "version": "5.0.4" }, { "model": "kde", "scope": "ne", "trust": 0.3, "vendor": "kde", "version": "3.3.2" } ], "sources": [ { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "CNNVD", "id": "CNNVD-200501-308" }, { "db": "NVD", "id": "CVE-2004-0886" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:sun:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000445" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "chris chris@cr-secure.net", "sources": [ { "db": "CNNVD", "id": "CNNVD-200501-308" } ], "trust": 0.6 }, "cve": "CVE-2004-0886", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2004-0886", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "VHN-9316", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "CARNEGIE MELLON", "id": "VU#687568", "trust": 1.6, "value": "10.33" }, { "author": "nvd@nist.gov", "id": "CVE-2004-0886", "trust": 1.0, "value": "MEDIUM" }, { "author": "CARNEGIE MELLON", "id": "VU#354486", "trust": 0.8, "value": "10.69" }, { "author": "CARNEGIE MELLON", "id": "VU#258390", "trust": 0.8, "value": "2.03" }, { "author": "CARNEGIE MELLON", "id": "VU#356070", "trust": 0.8, "value": "22.31" }, { "author": "CARNEGIE MELLON", "id": "VU#539110", "trust": 0.8, "value": "5.04" }, { "author": "CARNEGIE MELLON", "id": "VU#706838", "trust": 0.8, "value": "9.38" }, { "author": "CARNEGIE MELLON", "id": "VU#331694", "trust": 0.8, "value": "15.94" }, { "author": "NVD", "id": "CVE-2004-0886", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200501-308", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-9316", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "VULHUB", "id": "VHN-9316" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "CNNVD", "id": "CNNVD-200501-308" }, { "db": "NVD", "id": "CVE-2004-0886" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. Apple Mac OS X with Bluetooth support may unintentionally allow files to be exchanged with other systems by default. Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. Multiple integer overflows in the LibTIFF library may allow an attacker to execute arbitrary code. LibTIFF is affected by multiple buffer-overflow vulnerabilities because the software fails to properly perform boundary checks before copying user-supplied strings into finite process buffers. \nAn attacker may leverage these issues to execute arbitrary code on a vulnerable computer with the privileges of the user running a vulnerable application, facilitating unauthorized access. The attacker may also leverage these issues to crash the affected application. libtiff is an application library responsible for encoding/decoding the TIFF image format. Impacts of other vulnerabilities addressed by\n the update include disclosure of information and denial of service. \n\nI. Description\n\n Apple Security Update 2005-005 resolves a number of vulnerabilities\n affecting Mac OS X and OS X Server. \n (CAN-2004-0594)\n \n Please note that Apple Security Update 2005-005 addresses additional\n vulnerabilities not described above. As further information becomes\n available, we will publish individual Vulnerability Notes. \n\nII. Impact\n\n The impacts of these vulnerabilities vary, for information about\n specific impacts please see the Vulnerability Notes. Potential\n consequences include remote execution of arbitrary code or commands,\n disclosure of sensitive information, and denial of service. \n\nIII. Solution\n\nInstall an Update\n\n Install the update as described in Apple Security Update 2005-005. \n\nAppendix A. References\n\n * US-CERT Vulnerability Note VU#582934 -\n \u003chttp://www.kb.cert.org/vuls/id/582934\u003e\n \n * US-CERT Vulnerability Note VU#258390 -\n \u003chttp://www.kb.cert.org/vuls/id/258390\u003e\n \n * US-CERT Vulnerability Note VU#331694 -\n \u003chttp://www.kb.cert.org/vuls/id/331694\u003e\n\n * US-CERT Vulnerability Note VU#706838 -\n \u003chttp://www.kb.cert.org/vuls/id/706838\u003e\n\n * US-CERT Vulnerability Note VU#539110 -\n \u003chttp://www.kb.cert.org/vuls/id/539110\u003e\n\n * US-CERT Vulnerability Note VU#354486 -\n \u003chttp://www.kb.cert.org/vuls/id/354486\u003e\n\n * US-CERT Vulnerability Note VU#882750 -\n \u003chttp://www.kb.cert.org/vuls/id/882750\u003e\n\n * US-CERT Vulnerability Note VU#537878 -\n \u003chttp://www.kb.cert.org/vuls/id/537878\u003e\n\n * US-CERT Vulnerability Note VU#125598 -\n \u003chttp://www.kb.cert.org/vuls/id/125598\u003e\n\n * US-CERT Vulnerability Note VU#356070 -\n \u003chttp://www.kb.cert.org/vuls/id/356070\u003e\n\n * Apple Security Update 2005-005 -\n \u003chttp://docs.info.apple.com/article.html?artnum=301528\u003e\n _________________________________________________________________\n\n These vulnerabilities were discovered by several people and reported\n in Apple Security Update 2005-005. Please see the Vulnerability Notes\n for individual reporter acknowledgements. \n _________________________________________________________________\n\n Feedback can be directed to the authors: Jeffrey Gennari and Jason\n Rafail. \n _________________________________________________________________\n\n Copyright 2005 Carnegie Mellon University. Terms of use\n\n Revision History\n\n May 16, 2005: Initial release\n Last updated May 16, 2005 \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBQojwRBhoSezw4YfQAQKb1gf/a7XQAZQR+t5+FpzRoUrJyVIg3Mf1IISP\nyS5GLgfwC+4GuDEd/BA51+591OhNAWa1hO2JAUQwJ799VL7vAY6vbDW84c+S0eQ+\nJ+FHgddUsuvRtmsXCg2Fin1JRG4hCqBQ9q2S0h4+fM7yWSdLOY7xeAAwPOwG+bsU\nAVjDMNiPACHxw7CNQ8qpPXFfo3qrV+oj55F62TbR0fujtil6yQR3lE9wSeiuLs/i\nKgQFZlHMEoAwQnghwLk7eQLkzGD9eAZ+pZ7Ny0AvF7avhGflh2nFNe2acFoJ2Iw7\n/gMXj/uN/ZpDssS37y38LIvyA3kIQrSlEW7iKf1wi2eQ3ntjyv/9NA==\n=uqBU\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 567-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nOctober 15th, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : tiff\nVulnerability : heap overflows\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-0803 CAN-2004-0804 CAN-2004-0886\n\nSeveral problems have been discovered in libtiff, the Tag Image File\nFormat library for processing TIFF graphics files. The Common Vulnerabilities and\nExposures Project has identified the following problems:\n\nCAN-2004-0803\n\n Chris Evans discovered several problems in the RLE (run length\n encoding) decoders that could lead to arbitrary code execution. \n\nCAN-2004-0804\n\n Matthias Clasen discovered a division by zero through an integer\n overflow. \n\nCAN-2004-0886\n\n Dmitry V. \n\n\nFor the stable distribution (woody) these problems have been fixed in\nversion 3.5.5-6woody1. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 3.6.1-2. \n\nWe recommend that you upgrade your libtiff package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc\n Size/MD5 checksum: 635 11a374e916d818c05a373feb04cab6a0\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz\n Size/MD5 checksum: 36717 6f4d137f7c935d57757313a610dbd389\n http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz\n Size/MD5 checksum: 693641 3b7199ba793dec6ca88f38bb0c8cc4d8\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 141424 18b6e6b621178c1419de8a13a0a62366\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 105148 875257fb73ba05a575d06650c130a545\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb\n Size/MD5 checksum: 423194 9796f3e82553cedb237f1b574570f143\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 116928 5ed91b9586d830e8da9a5086fc5a6e76\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 90466 f04c381a418fd33602d1ba30158597d3\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb\n Size/MD5 checksum: 404262 30f13bfdf54cfca30ee5ca0f6c6d0e4e\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 112068 d15dfdf84f010be08799d456726e1d9d\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 81054 293f5c99f0a589917257ec7fee0b92fe\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb\n Size/MD5 checksum: 387052 9606adb1668decf5ac1ee02a94298e85\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 158774 80c1b7ad68ecc78091ea95414125e81c\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 135386 b17f87aa0ad98fc50aa8c137a6f5089c\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb\n Size/MD5 checksum: 446496 757f3b6cc9d3f1ec5a2dfb1c3485caf3\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 128298 46dece015f0282bca0af7f6e740e9d31\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 106788 b837005b41c54c341cbd61e8fdb581ff\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb\n Size/MD5 checksum: 420346 3a2b91ee22af99eec3ab42d81cf9d59f\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 107302 0c702a3e5c2ad7ad7bd96dae64fa2d61\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 79770 d67f4347d35bf898a6ab1914cb53a42f\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb\n Size/MD5 checksum: 380218 42e6f07cf2e70de01ca40ac4a97254bf\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 124048 85d8c8cbb62cc62c876bf4ed721027cf\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 87840 5f3312f22b0f345c7eae434f5b871993\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb\n Size/MD5 checksum: 410770 be817ddffa91c423b55fda3388d7ce48\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 123558 42594e9270de16ff802c11eccf7a0efb\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 88198 a8f0abe9205431caf94dce77d11ac477\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb\n Size/MD5 checksum: 410860 68a12ef6d37fc575105c4ceb9b766949\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 116042 2258da94549ae05ffae643bc40790487\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 89424 c8d782561a299ffb65ea84b59d88117a\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb\n Size/MD5 checksum: 402372 1eca24adda52b40c7a8d789fdeb3cb2e\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 116870 dcddc86a0d96296c07076391adc9d754\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 91742 40c1de704b191e4abb65af8a4b7fd75d\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb\n Size/MD5 checksum: 395332 86d351b75f1f146ddad6d562ca77005c\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 132888 9ed9db78d727ba8bfbb25c1e68b03bf2\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 88556 a4069600bd9295a27d4eb6e9e0995495\n http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb\n Size/MD5 checksum: 397026 149e12055c5711129552fa938b5af431\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c00600177\nVersion: 1\n\nHPSBUX02119 SSRT4848 rev.1 - HP-UX Running Motif Applications Remote Arbitrary \nCode Execution, Denial of Service (DoS)\n\nNOTICE: The information in this Security Bulletin should be acted upon as soon as possible. \n\nReferences: CERT VU#537878, VU#882750 \n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.00, B.11.11, B.11.23 running Motif applications. \n\nBACKGROUND\n\nPotential vulnerabilities have been reported with the handling of XPixMap format data:\nhttp://www.kb.cert.org/vuls/id/882750 \nhttp://www.kb.cert.org/vuls/id/537878 \n\nAFFECTED VERSIONS\n\nHP-UX B.11.00\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33129 or subsequent\n\nHP-UX B.11.11\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33130 or subsequent\n\nHP-UX B.11.23\n=============\nX11.MOTIF-SHLIB\naction: install PHSS_33132 or subsequent\n\nRESOLUTION\nHP has made the following patches available to resolve the issue. \nThe patches can be downloaded from http://itrc.hp.com \n\nHP-UX B.11.00 PHSS_33129 or subsequent \nHP-UX B.11.11 PHSS_33130 or subsequent \nHP-UX B.11.23 PHSS_33132 or subsequent \n\nMANUAL ACTIONS: No\n\nPRODUCT SPECIFIC INFORMATION \n\nHP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all\nHP-issued Security Bulletins to provide a subset of recommended actions that \npotentially affect a specific HP-UX system. For more information: \nhttp://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=B6834AA \n\nHISTORY \nVersion:1 (rev.1) 17 May 2006 Initial release\n\nSupport: For further information, contact normal HP Services\nsupport channel. \n\nReport: To report a potential security vulnerability with any HP\nsupported product, send Email to: security-alert@hp.com. It is\nstrongly recommended that security related information being\ncommunicated to HP be encrypted using PGP, especially exploit\ninformation. To get the security-alert PGP key, please send an\ne-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\n\nSubscribe: To initiate a subscription to receive future HP\nSecurity Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026\nlangcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\n\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n - check ALL categories for which alerts are required and\n continue. \nUnder Step2: your ITRC operating systems\n - verify your operating system selections are checked and\n save. \n\nTo update an existing subscription:\nhttp://h30046.www3.hp.com/subSignIn.php\nLog in on the web page:\n Subscriber\u0027s choice for Business: sign-in. \nOn the web page:\n Subscriber\u0027s Choice: your profile summary\n - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit:\nhttp://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters of the\nBulletin number in the title:\n\n GN = HP General SW,\n MA = HP Management Agents,\n MI = Misc. 3rd party SW,\n MP = HP MPE/iX,\n NS = HP NonStop Servers,\n OV = HP OpenVMS,\n PI = HP Printing \u0026 Imaging,\n ST = HP Storage SW,\n TL = HP Trusted Linux,\n TU = HP Tru64 UNIX,\n UX = HP-UX,\n VV = HP Virtual Vault\n\n\nSystem management and security procedures must be reviewed\nfrequently to maintain system integrity. HP is continually\nreviewing and enhancing the security features of software products\nto provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to\nbring to the attention of users of the affected HP products the\nimportant security information contained in this Bulletin. HP\nrecommends that all users determine the applicability of this\ninformation to their individual situations and take appropriate\naction. HP does not warrant that this information is necessarily\naccurate or complete for all user situations and, consequently, HP\nwill not be responsible for any damages resulting from user\u0027s use\nor disregard of the information provided in this Bulletin. To the\nextent permitted by law, HP disclaims all warranties, either\nexpress or implied, including the warranties of merchantability\nand fitness for a particular purpose, title and non-infringement.\"\n\n\n(c)Copyright 2006 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or\neditorial errors or omissions contained herein. The information\nprovided is provided \"as is\" without warranty of any kind. To the\nextent permitted by law, neither HP nor its affiliates,\nsubcontractors or suppliers will be liable for incidental, special\nor consequential damages including downtime cost; lost profits;\ndamages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without\nnotice. Hewlett-Packard Company and the names of Hewlett-Packard\nproducts referenced herein are trademarks of Hewlett-Packard\nCompany in the United States and other countries. Other product\nand company names mentioned herein may be trademarks of their\nrespective owners", "sources": [ { "db": "NVD", "id": "CVE-2004-0886" }, { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "BID", "id": "11406" }, { "db": "VULHUB", "id": "VHN-9316" }, { "db": "PACKETSTORM", "id": "39271" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "PACKETSTORM", "id": "46611" } ], "trust": 8.01 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "SECUNIA", "id": "15227", "trust": 4.8 }, { "db": "NVD", "id": "CVE-2004-0886", "trust": 4.5 }, { "db": "SECTRACK", "id": "1011674", "trust": 3.5 }, { "db": "SECUNIA", "id": "12818", "trust": 3.5 }, { "db": "CERT/CC", "id": "VU#687568", "trust": 3.5 }, { "db": "SECTRACK", "id": "1012651", "trust": 2.4 }, { "db": "BID", "id": "11406", "trust": 2.2 }, { "db": "OSVDB", "id": "10751", "trust": 1.6 }, { "db": "CERT/CC", "id": "VU#354486", "trust": 0.9 }, { "db": "CERT/CC", "id": "VU#258390", "trust": 0.9 }, { "db": "CERT/CC", "id": "VU#356070", "trust": 0.9 }, { "db": "CERT/CC", "id": "VU#539110", "trust": 0.9 }, { "db": "CERT/CC", "id": "VU#706838", "trust": 0.9 }, { "db": "CERT/CC", "id": "VU#331694", "trust": 0.9 }, { "db": "OSVDB", "id": "16084", "trust": 0.8 }, { "db": "BID", "id": "13502", "trust": 0.8 }, { "db": "SECUNIA", "id": "13607", "trust": 0.8 }, { "db": "OSVDB", "id": "16085", "trust": 0.8 }, { "db": "SECTRACK", "id": "1013887", "trust": 0.8 }, { "db": "OSVDB", "id": "16075", "trust": 0.8 }, { "db": "XF", "id": "20376", "trust": 0.8 }, { "db": "XF", "id": "17715", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2004-000445", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200501-308", "trust": 0.7 }, { "db": "BID", "id": "11501", "trust": 0.6 }, { "db": "SUSE", "id": "SUSE-SA:2004:039", "trust": 0.6 }, { "db": "XF", "id": "17819", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200410-30", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200410-20", "trust": 0.6 }, { "db": "MANDRAKE", "id": "MDKSA-2004:113", "trust": 0.6 }, { "db": "CERT/CC", "id": "VU#537878", "trust": 0.2 }, { "db": "CERT/CC", "id": "VU#882750", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-9316", "trust": 0.1 }, { "db": "CERT/CC", "id": "VU#125598", "trust": 0.1 }, { "db": "CERT/CC", "id": "VU#582934", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "39271", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "34737", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "46611", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "VULHUB", "id": "VHN-9316" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "PACKETSTORM", "id": "39271" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "PACKETSTORM", "id": "46611" }, { "db": "CNNVD", "id": "CNNVD-200501-308" }, { "db": "NVD", "id": "CVE-2004-0886" } ] }, "id": "VAR-200501-0287", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-9316" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T22:36:04.792000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "libtiff", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/libtiff.html" }, { "title": "AXSA-2005-62:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=184" }, { "title": "RHSA-2005:021", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-021.html" }, { "title": "RHSA-2005:354", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-354.html" }, { "title": "RHSA-2004:577", "trust": 0.8, "url": "http://rhn.redhat.com/errata/RHSA-2004-577.html" }, { "title": "101677", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "title": "101677", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-3" }, { "title": "TLSA-2005-4", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-4.txt" }, { "title": "RHSA-2005:021", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-021J.html" }, { "title": "RHSA-2005:354", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-354J.html" }, { "title": "RHSA-2004:577", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-577J.html" }, { "title": "TLSA-2005-4", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-4j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000445" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0886" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 4.8, "url": "http://secunia.com/advisories/15227/" }, { "trust": 4.0, "url": "http://docs.info.apple.com/article.html?artnum=301528" }, { "trust": 2.7, "url": "http://www.ciac.org/ciac/bulletins/p-015.shtml" }, { "trust": 2.4, "url": "http://securitytracker.com/alerts/2004/dec/1012651.html" }, { "trust": 2.4, "url": "http://www.idefense.com/application/poi/display?id=173\u0026type=vulnerabilities" }, { "trust": 2.4, "url": "http://secunia.com/advisories/12818/" }, { "trust": 1.9, "url": "http://www.securityfocus.com/bid/11406" }, { "trust": 1.9, "url": "http://www.kb.cert.org/vuls/id/687568" }, { "trust": 1.9, "url": "http://securitytracker.com/id?1011674" }, { "trust": 1.6, "url": "http://securitytracker.com/alerts/2004/oct/1011674.html" }, { "trust": 1.6, "url": "http://seclists.org/lists/bugtraq/2004/oct/0135.html" }, { "trust": 1.6, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0886" }, { "trust": 1.6, "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=10751" }, { "trust": 1.4, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201072-1" }, { "trust": 1.1, "url": "http://www.kde.org/info/security/advisory-20041209-2.txt" }, { "trust": 1.1, "url": "http://www.debian.org/security/2004/dsa-567" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:109" }, { "trust": 1.1, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:052" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a100116" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9907" }, { "trust": 1.1, "url": "http://www.redhat.com/support/errata/rhsa-2004-577.html" }, { "trust": 1.1, "url": "http://www.redhat.com/support/errata/rhsa-2005-021.html" }, { "trust": 1.1, "url": "http://www.redhat.com/support/errata/rhsa-2005-354.html" }, { "trust": 1.1, "url": "http://secunia.com/advisories/12818" }, { "trust": 1.1, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1" }, { "trust": 1.1, "url": "http://www.novell.com/linux/security/advisories/2004_38_libtiff.html" }, { "trust": 1.1, "url": "http://www.trustix.org/errata/2004/0054/" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17715" }, { "trust": 1.0, "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000888" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=109779465621929\u0026w=2" }, { "trust": 0.8, "url": "http://www.idefense.com/application/poi/display?id=239" }, { "trust": 0.8, "url": "http://www.digitalmunition.com/dma%5b2005-0502a%5d.txt" }, { "trust": 0.8, "url": "http://remahl.se/david/vuln/011/" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/13502/" }, { "trust": 0.8, "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16084" }, { "trust": 0.8, "url": "http://secunia.com/advisories/13607/" }, { "trust": 0.8, "url": "http://www.idefense.com/application/poi/display?id=240\u0026type=vulnerabilities" }, { "trust": 0.8, "url": "http://www.securityfocus.org/bid/13488" }, { "trust": 0.8, "url": "http://www.securitytracker.com/alerts/2005/may/1013887.html" }, { "trust": 0.8, "url": "http://www.osvdb.org/displayvuln.php?osvdb_id=16085" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/20376" }, { "trust": 0.8, "url": "http://www.apple.com/server/macosx/" }, { "trust": 0.8, "url": "http://www.osvdb.org/16075" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0886" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/17715" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23687568" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0886" }, { "trust": 0.6, "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-20.xml" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/17819" }, { "trust": 0.6, "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-30.xml" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/11501" }, { "trust": 0.6, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:113" }, { "trust": 0.6, "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=109880927526773\u0026w=2" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57769-1" }, { "trust": 0.3, "url": "http://www.libtiff.org/" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-577.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-021.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-354.html" }, { "trust": 0.3, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101677-1\u0026searchclause=" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-002_rhsa-2004-577.pdf" }, { "trust": 0.3, "url": "/archive/1/378421" }, { "trust": 0.1, "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026amp;anuncio=000888" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=109779465621929\u0026amp;w=2" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/125598\u003e" }, { "trust": 0.1, "url": "http://docs.info.apple.com/article.html?artnum=301528\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/539110\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/537878\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/356070\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/331694\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/882750\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/354486\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/706838\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/258390\u003e" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/582934\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0803" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5-6woody1.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_i386.deb" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0804" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/tiff_3.5.5.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_ia64.deb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0886" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_m68k.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g_3.5.5-6woody1_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff3g-dev_3.5.5-6woody1_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/t/tiff/libtiff-tools_3.5.5-6woody1_m68k.deb" }, { "trust": 0.1, "url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026" }, { "trust": 0.1, "url": "http://software.hp.com/portal/swdepot/displayproductinfo.do?productnumber=b6834aa" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/537878" }, { "trust": 0.1, "url": "http://www.itrc.hp.com/service/cki/secbullarchive.do" }, { "trust": 0.1, "url": "http://itrc.hp.com" }, { "trust": 0.1, "url": "http://h30046.www3.hp.com/subsignin.php" }, { "trust": 0.1, "url": "http://www.kb.cert.org/vuls/id/882750" } ], "sources": [ { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "VULHUB", "id": "VHN-9316" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "PACKETSTORM", "id": "39271" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "PACKETSTORM", "id": "46611" }, { "db": "CNNVD", "id": "CNNVD-200501-308" }, { "db": "NVD", "id": "CVE-2004-0886" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#354486" }, { "db": "CERT/CC", "id": "VU#258390" }, { "db": "CERT/CC", "id": "VU#356070" }, { "db": "CERT/CC", "id": "VU#539110" }, { "db": "CERT/CC", "id": "VU#706838" }, { "db": "CERT/CC", "id": "VU#331694" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" }, { "db": "VULHUB", "id": "VHN-9316" }, { "db": "BID", "id": "11406" }, { "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "db": "PACKETSTORM", "id": "39271" }, { "db": "PACKETSTORM", "id": "34737" }, { "db": "PACKETSTORM", "id": "46611" }, { "db": "CNNVD", "id": "CNNVD-200501-308" }, { "db": "NVD", "id": "CVE-2004-0886" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2005-05-16T00:00:00", "db": "CERT/CC", "id": "VU#354486" }, { "date": "2005-05-09T00:00:00", "db": "CERT/CC", "id": "VU#258390" }, { "date": "2005-05-06T00:00:00", "db": "CERT/CC", "id": "VU#356070" }, { "date": "2005-01-20T00:00:00", "db": "CERT/CC", "id": "VU#539110" }, { "date": "2005-05-16T00:00:00", "db": "CERT/CC", "id": "VU#706838" }, { "date": "2005-05-16T00:00:00", "db": "CERT/CC", "id": "VU#331694" }, { "date": "2004-12-01T00:00:00", "db": "CERT/CC", "id": "VU#687568" }, { "date": "2004-12-01T00:00:00", "db": "CERT/CC", "id": "VU#687568" }, { "date": "2005-01-27T00:00:00", "db": "VULHUB", "id": "VHN-9316" }, { "date": "2004-10-13T00:00:00", "db": "BID", "id": "11406" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "date": "2005-08-14T06:00:54", "db": "PACKETSTORM", "id": "39271" }, { "date": "2004-10-26T02:30:56", "db": "PACKETSTORM", "id": "34737" }, { "date": "2006-05-24T08:55:30", "db": "PACKETSTORM", "id": "46611" }, { "date": "2004-10-14T00:00:00", "db": "CNNVD", "id": "CNNVD-200501-308" }, { "date": "2005-01-27T05:00:00", "db": "NVD", "id": "CVE-2004-0886" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2005-05-17T00:00:00", "db": "CERT/CC", "id": "VU#354486" }, { "date": "2005-05-16T00:00:00", "db": "CERT/CC", "id": "VU#258390" }, { "date": "2005-05-16T00:00:00", "db": "CERT/CC", "id": "VU#356070" }, { "date": "2005-08-23T00:00:00", "db": "CERT/CC", "id": "VU#539110" }, { "date": "2005-05-24T00:00:00", "db": "CERT/CC", "id": "VU#706838" }, { "date": "2005-05-25T00:00:00", "db": "CERT/CC", "id": "VU#331694" }, { "date": "2005-01-25T00:00:00", "db": "CERT/CC", "id": "VU#687568" }, { "date": "2005-01-25T00:00:00", "db": "CERT/CC", "id": "VU#687568" }, { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-9316" }, { "date": "2009-05-05T15:46:00", "db": "BID", "id": "11406" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000445" }, { "date": "2009-02-05T00:00:00", "db": "CNNVD", "id": "CNNVD-200501-308" }, { "date": "2017-10-11T01:29:36.420000", "db": "NVD", "id": "CVE-2004-0886" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "39271" }, { "db": "PACKETSTORM", "id": "46611" }, { "db": "CNNVD", "id": "CNNVD-200501-308" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "LibTIFF contains multiple integer overflows", "sources": [ { "db": "CERT/CC", "id": "VU#687568" }, { "db": "CERT/CC", "id": "VU#687568" } ], "trust": 1.6 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200501-308" } ], "trust": 0.6 } }
var-200408-0141
Vulnerability from variot
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). The first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. The second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates. ------------------------------------------------------------------------
LHa buffer overflows and directory traversal problems
PROGRAM: LHa (Unix version) VENDOR: various people VULNERABLE VERSIONS: 1.14d to 1.14i 1.17 (Linux binary) possibly others IMMUNE VERSIONS: 1.14i with my patch applied 1.14h with my patch applied LHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm http://www2m.biglobe.ne.jp/~dolphin/lha/prog/ LHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/ REFERENCES: CAN-2004-0234 (buffer overflows) CAN-2004-0235 (directory traversal)
- DESCRIPTION *
LHa is a console-based program for packing and unpacking LHarc archives.
It is one of the packages in Red Hat Linux, Fedora Core, SUSE Linux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux, Gentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. It is also included in the port/package collections for FreeBSD, OpenBSD and NetBSD.
- OVERVIEW *
LHa has two stack-based buffer overflows and two directory traversal problems. They can be abused by malicious people in many different ways: some mail virus scanners require LHa and run it automatically on attached files in e-mail messages. Some web applications allow uploading and unpacking of LHarc archives. Some people set up their web browsers to start LHa automatically after downloading an LHarc archive. Finally, social engineering is probably quite effective in this case.
- TECHNICAL DETAILS *
a) two stack-based buffer overflows
The buffer overflows in LHa occur when testing (t) or extracting (x) archives where the archive contents have too long filenames or directory names. The cause of the problem is the function get_header() in header.c. This function first reads the lengths of filenames or directory names from the archive, and then it reads that many bytes to a char array (one for filenames and one for directory names) without checking if the array is big enough.
By exploiting this bug, you get control over several registers including EIP, as you can see in this session capture:
$ lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ gdb lha GNU gdb Red Hat Linux (5.3post-0.20021129.18rh) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (gdb) r x buf_oflow.lha Starting program: /usr/bin/lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU
Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt
0 0x55555555 in ?? ()
Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffdd50 0xbfffdd50 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210282 2163330 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) r t buf_oflow.lha The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/bin/lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU
Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt
0 0x55555555 in ?? ()
Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffe6d0 0xbfffe6d0 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210286 2163334 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) q The program is running. Exit anyway? (y or n) y $
b) two directory traversal problems
LHa has directory traversal problems, both with absolute paths and relative paths. There is no protection against relative paths at all, so you can simply use the lha binary to create an archive with paths like "../../../../../etc/cron.d/evil". There is some simple protection against absolute paths, namely skipping the first character if it is a slash, but again you can simply use the binary to create archives with paths like "//etc/cron.d/evil".
- ATTACHED FILES *
I have written a patch against version 1.14i that corrects all four problems. The patch is included as an attachment, together with some test archives.
- TIMELINE *
18 Apr: contacted the vendor-sec list and the LHa 1.14 author 18 Apr: tried to contact the LHa 1.17 author with a web form and a guessed e-mail address which bounced 19 Apr: reply from the vendor-sec list with CVE references 30 Apr: Red Hat released their advisory 01 May: I release this advisory
// Ulf Harnhammar Advogato diary :: http://www.advogato.org/person/metaur/ idiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/ Debian Security Audit Project :: http://shellcode.org/Audit/
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200408-0141", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "lha", "scope": "eq", "trust": 1.6, "vendor": "tsugio okamoto", "version": "1.17" }, { "model": "lha", "scope": "eq", "trust": 1.6, "vendor": "tsugio okamoto", "version": "1.15" }, { "model": "lha", "scope": "eq", "trust": 1.6, "vendor": "tsugio okamoto", "version": "1.14" }, { "model": "winzip", "scope": "eq", "trust": 1.3, "vendor": "winzip", "version": "9.0" }, { "model": "cgpmcafee", "scope": "eq", "trust": 1.3, "vendor": "stalker", "version": "3.2" }, { "model": "propack", "scope": "eq", "trust": 1.3, "vendor": "sgi", "version": "3.0" }, { "model": "propack", "scope": "eq", "trust": 1.3, "vendor": "sgi", "version": "2.4" }, { "model": "winrar", "scope": "eq", "trust": 1.3, "vendor": "rarlab", "version": "3.20" }, { "model": "internet gatekeeper", "scope": "eq", "trust": 1.3, "vendor": "f secure", "version": "6.32" }, { "model": "internet gatekeeper", "scope": "eq", "trust": 1.3, "vendor": "f secure", "version": "6.31" }, { "model": "f-secure for firewalls", "scope": "eq", "trust": 1.3, "vendor": "f secure", "version": "6.20" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.13" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.11" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.10" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.8" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.7" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.6" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.5" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.4" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3.3" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.3" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.2" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.1" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.3, "vendor": "clearswift", "version": "4.0" }, { "model": "f-secure personal express", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.6" }, { "model": "f-secure internet security", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "2003" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "2003" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "5.42" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "5.52" }, { "model": "f-secure internet security", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "2004" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "5.41" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.51" }, { "model": "f-secure personal express", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.5" }, { "model": "fedora core", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "core_1.0" }, { "model": "lha", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "1.14i-9" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "2004" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.52" }, { "model": "f-secure personal express", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.7" }, { "model": "mailsweeper", "scope": "eq", "trust": 1.0, "vendor": "clearswift", "version": "4.3.6_sp1" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "4.60" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "6.21" }, { "model": "f-secure anti-virus", "scope": "eq", "trust": 1.0, "vendor": "f secure", "version": "5.5" }, { "model": "lha for unix", "scope": "lte", "trust": 0.8, "vendor": "lha for unix", "version": "1.17" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "9" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1" }, { "model": "linux i686", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "lha-1.14i-9.i386.rpm", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "hat fedora core1", "scope": null, "trust": 0.3, "vendor": "red", "version": null }, { "model": "s.k. lha", "scope": "eq", "trust": 0.3, "vendor": "mr", "version": "1.17" }, { "model": "s.k. lha", "scope": "eq", "trust": 0.3, "vendor": "mr", "version": "1.15" }, { "model": "s.k. lha", "scope": "eq", "trust": 0.3, "vendor": "mr", "version": "1.14" }, { "model": "webshield smtp", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "4.5" }, { "model": "webshield appliances", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "virusscan professional", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "virusscan for netapp", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "virusscan enterprise i", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "8.0" }, { "model": "virusscan command line", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "9.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "8.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.1" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "7.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "6.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "5.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "4.5.1" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "4.5" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "4.0.3" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "4.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "3.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "2.0" }, { "model": "virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "1.0" }, { "model": "virex", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "securityshield for microsoft isa server", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "portalshield for microsoft sharepoint", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "netshield for netware", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "managed virusscan", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "linuxshield", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "internet security suite", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "groupshield for mail servers with epo", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "groupshield for lotus domino", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "groupshield for exchange", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "5.5" }, { "model": "asap virusscan", "scope": "eq", "trust": 0.3, "vendor": "mcafee", "version": "0" }, { "model": "active virus defense smb edition", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "active threat protection", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "active mail protection", "scope": null, "trust": 0.3, "vendor": "mcafee", "version": null }, { "model": "personal express", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.7" }, { "model": "personal express", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.6" }, { "model": "personal express", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.5" }, { "model": "internet security", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "2004" }, { "model": "internet security", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "2003" }, { "model": "anti-virus for workstations", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.42" }, { "model": "anti-virus for workstations", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.41" }, { "model": "anti-virus for windows servers", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.42" }, { "model": "anti-virus for windows servers", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.41" }, { "model": "anti-virus for samba servers", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.60" }, { "model": "anti-virus for ms exchange", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "6.21" }, { "model": "anti-virus for mimesweeper", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.42" }, { "model": "anti-virus for mimesweeper", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.41" }, { "model": "anti-virus for linux workstations", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.52" }, { "model": "anti-virus for linux workstations", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.51" }, { "model": "anti-virus for linux servers", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.52" }, { "model": "anti-virus for linux servers", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.51" }, { "model": "anti-virus for linux gateways", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.52" }, { "model": "anti-virus for linux gateways", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "4.51" }, { "model": "anti-virus client security", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.52" }, { "model": "anti-virus client security", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "5.50" }, { "model": "anti-virus", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "2004" }, { "model": "anti-virus", "scope": "eq", "trust": 0.3, "vendor": "f secure", "version": "2003" }, { "model": "mailsweeper sp1", "scope": "eq", "trust": 0.3, "vendor": "clearswift", "version": "4.3.6" }, { "model": "networks barracuda spam firewall", "scope": "eq", "trust": 0.3, "vendor": "barracuda", "version": "3.1.18" }, { "model": "networks barracuda spam firewall", "scope": "eq", "trust": 0.3, "vendor": "barracuda", "version": "3.1.17" }, { "model": "networks barracuda spam firewall", "scope": "ne", "trust": 0.3, "vendor": "barracuda", "version": "3.3.03.022" } ], "sources": [ { "db": "BID", "id": "10243" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "CNNVD", "id": "CNNVD-200408-176" }, { "db": "NVD", "id": "CVE-2004-0235" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:lha_for_unix_project:lha_for_unix", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:linux_advanced_workstation", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000170" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ulf Harnhammar\u203b ulfh@update.uu.se\u203bJean-S\u00e9bastien Guay-Leroux\u203b jean-sebastien@guay-leroux.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200408-176" } ], "trust": 0.6 }, "cve": "CVE-2004-0235", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2004-0235", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-8665", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2004-0235", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2004-0235", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200408-176", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-8665", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-8665" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "CNNVD", "id": "CNNVD-200408-176" }, { "db": "NVD", "id": "CVE-2004-0235" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\"). \nThe first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. \nThe second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. \n**NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. \n**Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates. ------------------------------------------------------------------------\n\nLHa buffer overflows and directory traversal problems\n\nPROGRAM: LHa (Unix version)\nVENDOR: various people\nVULNERABLE VERSIONS: 1.14d to 1.14i\n 1.17 (Linux binary)\n possibly others\nIMMUNE VERSIONS: 1.14i with my patch applied\n 1.14h with my patch applied\nLHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm\n http://www2m.biglobe.ne.jp/~dolphin/lha/prog/\nLHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/\nREFERENCES: CAN-2004-0234 (buffer overflows)\n CAN-2004-0235 (directory traversal)\n\n* DESCRIPTION *\n\nLHa is a console-based program for packing and unpacking LHarc\narchives. \n\nIt is one of the packages in Red Hat Linux, Fedora Core, SUSE\nLinux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux,\nGentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. \nIt is also included in the port/package collections for FreeBSD,\nOpenBSD and NetBSD. \n\n* OVERVIEW *\n\nLHa has two stack-based buffer overflows and two directory traversal\nproblems. They can be abused by malicious people in many different\nways: some mail virus scanners require LHa and run it automatically\non attached files in e-mail messages. Some web applications allow\nuploading and unpacking of LHarc archives. Some people set up their\nweb browsers to start LHa automatically after downloading an LHarc\narchive. Finally, social engineering is probably quite effective\nin this case. \n\n* TECHNICAL DETAILS *\n\na) two stack-based buffer overflows\n\nThe buffer overflows in LHa occur when testing (t) or extracting\n(x) archives where the archive contents have too long filenames\nor directory names. The cause of the problem is the function\nget_header() in header.c. This function first reads the lengths of\nfilenames or directory names from the archive, and then it reads\nthat many bytes to a char array (one for filenames and one for\ndirectory names) without checking if the array is big enough. \n\nBy exploiting this bug, you get control over several registers\nincluding EIP, as you can see in this session capture:\n\n$ lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ gdb lha\nGNU gdb Red Hat Linux (5.3post-0.20021129.18rh)\nCopyright 2003 Free Software Foundation, Inc. \nGDB is free software, covered by the GNU General Public License, and\nyou are welcome to change it and/or distribute copies of it under\ncertain conditions. \nType \"show copying\" to see the conditions. \nThere is absolutely no warranty for GDB. Type \"show warranty\" for\ndetails. \nThis GDB was configured as \"i386-redhat-linux-gnu\"... \n(gdb) r x buf_oflow.lha\nStarting program: /usr/bin/lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffdd50 0xbfffdd50\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210282 2163330\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) r t buf_oflow.lha\nThe program being debugged has been started already. \nStart it from the beginning? (y or n) y\nStarting program: /usr/bin/lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffe6d0 0xbfffe6d0\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210286 2163334\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) q\nThe program is running. Exit anyway? (y or n) y\n$\n\nb) two directory traversal problems\n\nLHa has directory traversal problems, both with absolute paths\nand relative paths. There is no protection against relative paths\nat all, so you can simply use the lha binary to create an archive\nwith paths like \"../../../../../etc/cron.d/evil\". There is some\nsimple protection against absolute paths, namely skipping the first\ncharacter if it is a slash, but again you can simply use the binary\nto create archives with paths like \"//etc/cron.d/evil\". \n\n* ATTACHED FILES *\n\nI have written a patch against version 1.14i that corrects all\nfour problems. The patch is included as an attachment, together\nwith some test archives. \n\n* TIMELINE *\n\n18 Apr: contacted the vendor-sec list and the LHa 1.14 author\n18 Apr: tried to contact the LHa 1.17 author with a web form and\n a guessed e-mail address which bounced\n19 Apr: reply from the vendor-sec list with CVE references\n30 Apr: Red Hat released their advisory\n01 May: I release this advisory\n\n// Ulf Harnhammar\nAdvogato diary :: http://www.advogato.org/person/metaur/\nidiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/\nDebian Security Audit Project :: http://shellcode.org/Audit/\n\n------------------------------------------------------------------------\n", "sources": [ { "db": "NVD", "id": "CVE-2004-0235" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "BID", "id": "10243" }, { "db": "VULHUB", "id": "VHN-8665" }, { "db": "PACKETSTORM", "id": "33241" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2004-0235", "trust": 2.9 }, { "db": "BID", "id": "10243", "trust": 2.8 }, { "db": "XF", "id": "16013", "trust": 1.4 }, { "db": "JVNDB", "id": "JVNDB-2004-000170", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200408-176", "trust": 0.7 }, { "db": "FULLDISC", "id": "20040501 LHA BUFFER OVERFLOWS AND DIRECTORY TRAVERSAL PROBLEMS", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:978", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:10409", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2004-119", "trust": 0.6 }, { "db": "FEDORA", "id": "FLSA:1833", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-515", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20040510 [ULF HARNHAMMAR]: LHA ADVISORY + PATCH", "trust": 0.6 }, { "db": "GENTOO", "id": "GLSA-200405-02", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2004:178", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2004:179", "trust": 0.6 }, { "db": "CONECTIVA", "id": "CLA-2004:840", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-8665", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "33241", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-8665" }, { "db": "BID", "id": "10243" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "PACKETSTORM", "id": "33241" }, { "db": "CNNVD", "id": "CNNVD-200408-176" }, { "db": "NVD", "id": "CVE-2004-0235" } ] }, "id": "VAR-200408-0141", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-8665" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T12:39:28.431000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "LHA for UNIX Version 1.17", "trust": 0.8, "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/" }, { "title": "Top Page", "trust": 0.8, "url": "http://lha.sourceforge.jp/" }, { "title": "RHSA-2004:178", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-178.html" }, { "title": "RHSA-2004:179", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-179.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000170" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0235" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/10243" }, { "trust": 2.0, "url": "http://www.redhat.com/archives/fedora-announce-list/2004-may/msg00005.html" }, { "trust": 1.8, "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "trust": 1.7, "url": "http://www.debian.org/security/2004/dsa-515" }, { "trust": 1.7, "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833" }, { "trust": 1.7, "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/020776.html" }, { "trust": 1.7, "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-178.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-179.html" }, { "trust": 1.6, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/16013" }, { "trust": 1.4, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:978" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10409" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a978" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0235" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0235" }, { "trust": 0.6, "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108422737918885\u0026w=2" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10409" }, { "trust": 0.4, "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/" }, { "trust": 0.3, "url": "http://www.barracudanetworks.com/ns/products/spam_overview.php" }, { "trust": 0.3, "url": "http://www.stalker.com/cgpmcafee/" }, { "trust": 0.3, "url": "http://www.f-secure.com/security/fsc-2004-1.shtml" }, { "trust": 0.3, "url": "http://mail.stalker.com/lists/cgatepro/message/61244.html" }, { "trust": 0.3, "url": "http://images.mcafee.com/misc/mcafee_security_bulletin_05-march-17.pdf" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-178.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-219.html" }, { "trust": 0.3, "url": "http://www.rarsoft.com/" }, { "trust": 0.3, "url": "http://www.winzip.com/" }, { "trust": 0.3, "url": "/archive/1/366265" }, { "trust": 0.1, "url": "http://marc.info/?l=bugtraq\u0026amp;m=108422737918885\u0026amp;w=2" }, { "trust": 0.1, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000840" }, { "trust": 0.1, "url": "http://shellcode.org/audit/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0234" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0235" }, { "trust": 0.1, "url": "http://idiosynkratisk.tk/" }, { "trust": 0.1, "url": "http://www.advogato.org/person/metaur/" }, { "trust": 0.1, "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm" }, { "trust": 0.1, "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/prog/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-8665" }, { "db": "BID", "id": "10243" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "PACKETSTORM", "id": "33241" }, { "db": "CNNVD", "id": "CNNVD-200408-176" }, { "db": "NVD", "id": "CVE-2004-0235" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-8665" }, { "db": "BID", "id": "10243" }, { "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "db": "PACKETSTORM", "id": "33241" }, { "db": "CNNVD", "id": "CNNVD-200408-176" }, { "db": "NVD", "id": "CVE-2004-0235" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2004-08-18T00:00:00", "db": "VULHUB", "id": "VHN-8665" }, { "date": "2004-04-30T00:00:00", "db": "BID", "id": "10243" }, { "date": "2008-05-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "date": "2004-05-04T04:25:06", "db": "PACKETSTORM", "id": "33241" }, { "date": "2004-04-30T00:00:00", "db": "CNNVD", "id": "CNNVD-200408-176" }, { "date": "2004-08-18T04:00:00", "db": "NVD", "id": "CVE-2004-0235" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-8665" }, { "date": "2009-07-12T04:07:00", "db": "BID", "id": "10243" }, { "date": "2008-05-21T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000170" }, { "date": "2006-09-20T00:00:00", "db": "CNNVD", "id": "CNNVD-200408-176" }, { "date": "2017-10-11T01:29:24.810000", "db": "NVD", "id": "CVE-2004-0235" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200408-176" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Lha Directory Traversal Vulnerability in Testing and Extracting Process", "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000170" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "10243" }, { "db": "CNNVD", "id": "CNNVD-200408-176" } ], "trust": 0.9 } }
var-200504-0293
Vulnerability from variot
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ GNU zip (gzip) Is a utility that compresses and decompresses files. grep Run zgrep Or unzip the compressed file gunzip Each tool is packaged. Gzip 1.2.4 Previously, there were several security issues: 1) gzip 1.2.4 Included before zgrep There is a problem that does not properly sanitize arguments. (CAN-2005-0758) Details are currently unknown, but local attackers who exploit this issue zgrep An arbitrary command may be executed by passing an intentional file name to. 3) gzip 1.2.4 Included before gunzip Is -N When decompressing a compressed file with a flag, there is a problem that the validity of the file name is not properly checked. (CAN-2005-1228) A remote attacker who exploits this issue ".." Send a compressed file that is a compressed file containing an intentional character string to the target user gzip Inducing a directory traversal attack by inducing unpacking with.Please refer to the “Overview” for the impact of this vulnerability. The gzip utility is reported prone to a security weakness; the issue occurs only when an archive is extracted into a world- or group-writeable directory. This weakness is reported to affect gzip 1.2.4, 1.3.3, and previous versions.
Want a new IT Security job?
Vacant positions at Secunia: http://secunia.com/secunia_vacancies/
TITLE: gzip Directory Traversal Vulnerability
SECUNIA ADVISORY ID: SA15047
VERIFY ADVISORY: http://secunia.com/advisories/15047/
CRITICAL: Less critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: gzip 1.x http://secunia.com/product/4220/
DESCRIPTION: Ulf H\xe4rnhammar has reported a vulnerability in gzip, which potentially can be exploited by malicious people to compromise a user's system. This makes it possible to have a file extracted to an arbitrary location outside the current directory via directory traversal attacks.
The vulnerability has been reported in version 1.2.4, 1.2.4a, 1.3.3, 1.3.4 and 1.3.5. Other versions may also be affected.
SOLUTION: Do not extract untrusted ".gz" files with the "-N" flag.
PROVIDED AND/OR DISCOVERED BY: Ulf H\xe4rnhammar
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200505-05
http://security.gentoo.org/
Severity: Normal Title: gzip: Multiple vulnerabilities Date: May 09, 2005 Bugs: #89946, #90626 ID: 200505-05
Synopsis
gzip contains multiple vulnerabilities potentially allowing an attacker to execute arbitrary commands. The zgrep utility improperly sanitizes arguments, which may come from an untrusted source (CAN-2005-0758).
Impact
These vulnerabilities could allow arbitrary command execution, changing the permissions of arbitrary files, and installation of files to an aribitrary location in the filesystem.
Workaround
There is no known workaround at this time.
Resolution
All gzip users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/gzip-1.3.5-r6"
References
[ 1 ] CAN-2005-0758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758 [ 2 ] CAN-2005-0988 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 [ 3 ] CAN-2005-1228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200505-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200504-0293", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "linux", "scope": "eq", "trust": 1.6, "vendor": "ubuntu", "version": "5.04" }, { "model": "linux", "scope": "eq", "trust": 1.6, "vendor": "ubuntu", "version": "4.1" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "5.1" }, { "model": "workstation", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "server", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "gzip", "scope": "eq", "trust": 1.3, "vendor": "gnu", "version": "1.3.3" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.6.2" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.8" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.0" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.2" }, { "model": "secure linux", "scope": "eq", "trust": 1.3, "vendor": "trustix", "version": "2.1" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.7" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.9" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "5.2" }, { "model": "server", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "desktop", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "server", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.10" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.1" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "5.3" }, { "model": "gzip", "scope": "eq", "trust": 1.3, "vendor": "gnu", "version": "1.2.4" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.3" }, { "model": "workstation", "scope": "eq", "trust": 1.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.5" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.2" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "5.0" }, { "model": "freebsd", "scope": "eq", "trust": 1.3, "vendor": "freebsd", "version": "4.4" }, { "model": "secure linux", "scope": "eq", "trust": 1.0, "vendor": "trustix", "version": "2.0" }, { "model": "appliance server", "scope": "eq", "trust": 1.0, "vendor": "turbolinux", "version": "1.0_hosting" }, { "model": "freebsd", "scope": "eq", "trust": 1.0, "vendor": "freebsd", "version": "5.2.1" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "3.0" }, { "model": "freebsd", "scope": "eq", "trust": 1.0, "vendor": "freebsd", "version": "4.11" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "gentoo", "version": "*" }, { "model": "linux advanced workstation", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "4.0" }, { "model": "freebsd", "scope": "eq", "trust": 1.0, "vendor": "freebsd", "version": "5.4" }, { "model": "appliance server", "scope": "eq", "trust": 1.0, "vendor": "turbolinux", "version": "1.0_workgroup" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "4.0" }, { "model": "gzip", "scope": "eq", "trust": 1.0, "vendor": "gnu", "version": "1.2.4a" }, { "model": "enterprise linux", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.1" }, { "model": "home", "scope": "eq", "trust": 1.0, "vendor": "turbolinux", "version": "*" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "s8500 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "s8700 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "network messaging", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0.x" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "directory pro", "scope": "eq", "trust": 0.3, "vendor": "cosmicperl", "version": "10.0.3" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "appliance server hosting edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "5.0.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "s8500 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.03" }, { "model": "-release-p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p32", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "s8710 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "integrated management", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "solaris 8 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "advanced linux environment", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "-stablepre2002-03-07", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.7" }, { "model": "appliance server workgroup edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.1" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "solaris 8 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "s8300 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux ia64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "-release-p17", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.4" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "-release/alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "integrated management", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "solaris 10.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8300 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "-release-p38", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "gzip", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.3.2" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "s8710 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "gzip a", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.2.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "solaris 9 x86 update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "2" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "s8700 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "gzip", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.3.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.1" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "-release-p42", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "converged communications server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "linux ia32", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "6.0" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.10" } ], "sources": [ { "db": "BID", "id": "12996" }, { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "CNNVD", "id": "CNNVD-200505-423" }, { "db": "NVD", "id": "CVE-2005-0988" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:sun:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000229" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Dino Dai Zovi ddaizovi@atstake.com Tom Ferris tommy@security-protocols.com Neil ArchibaldRob MiddletonGael DelalleauJesse Ruderman jruderman@gmail.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-423" } ], "trust": 0.6 }, "cve": "CVE-2005-0988", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 1.9, "id": "CVE-2005-0988", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2005-0988", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2005-0988", "trust": 0.8, "value": "Low" }, { "author": "CNNVD", "id": "CNNVD-200505-423", "trust": 0.6, "value": "LOW" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "CNNVD", "id": "CNNVD-200505-423" }, { "db": "NVD", "id": "CVE-2005-0988" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ GNU zip (gzip) Is a utility that compresses and decompresses files. grep Run zgrep Or unzip the compressed file gunzip Each tool is packaged. Gzip 1.2.4 Previously, there were several security issues: 1) gzip 1.2.4 Included before zgrep There is a problem that does not properly sanitize arguments. (CAN-2005-0758) Details are currently unknown, but local attackers who exploit this issue zgrep An arbitrary command may be executed by passing an intentional file name to. 3) gzip 1.2.4 Included before gunzip Is -N When decompressing a compressed file with a flag, there is a problem that the validity of the file name is not properly checked. (CAN-2005-1228) A remote attacker who exploits this issue \"..\" Send a compressed file that is a compressed file containing an intentional character string to the target user gzip Inducing a directory traversal attack by inducing unpacking with.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The gzip utility is reported prone to a security weakness; the issue occurs only when an archive is extracted into a world- or group-writeable directory. \nThis weakness is reported to affect gzip 1.2.4, 1.3.3, and previous versions. \n----------------------------------------------------------------------\n\nWant a new IT Security job?\n\nVacant positions at Secunia:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\ngzip Directory Traversal Vulnerability\n\nSECUNIA ADVISORY ID:\nSA15047\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/15047/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\ngzip 1.x\nhttp://secunia.com/product/4220/\n\nDESCRIPTION:\nUlf H\\xe4rnhammar has reported a vulnerability in gzip, which\npotentially can be exploited by malicious people to compromise a\nuser\u0027s system. This makes it\npossible to have a file extracted to an arbitrary location outside\nthe current directory via directory traversal attacks. \n\nThe vulnerability has been reported in version 1.2.4, 1.2.4a, 1.3.3,\n1.3.4 and 1.3.5. Other versions may also be affected. \n\nSOLUTION:\nDo not extract untrusted \".gz\" files with the \"-N\" flag. \n\nPROVIDED AND/OR DISCOVERED BY:\nUlf H\\xe4rnhammar\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200505-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: gzip: Multiple vulnerabilities\n Date: May 09, 2005\n Bugs: #89946, #90626\n ID: 200505-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\ngzip contains multiple vulnerabilities potentially allowing an attacker\nto execute arbitrary commands. The zgrep utility improperly\nsanitizes arguments, which may come from an untrusted source\n(CAN-2005-0758). \n\nImpact\n======\n\nThese vulnerabilities could allow arbitrary command execution, changing\nthe permissions of arbitrary files, and installation of files to an\naribitrary location in the filesystem. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll gzip users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-arch/gzip-1.3.5-r6\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0758\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758\n [ 2 ] CAN-2005-0988\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988\n [ 3 ] CAN-2005-1228\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200505-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n", "sources": [ { "db": "NVD", "id": "CVE-2005-0988" }, { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "BID", "id": "12996" }, { "db": "PACKETSTORM", "id": "37396" }, { "db": "PACKETSTORM", "id": "38412" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2005-0988", "trust": 2.8 }, { "db": "BID", "id": "12996", "trust": 2.7 }, { "db": "BID", "id": "19289", "trust": 1.6 }, { "db": "SECUNIA", "id": "18100", "trust": 1.6 }, { "db": "SECUNIA", "id": "21253", "trust": 1.6 }, { "db": "SECUNIA", "id": "22033", "trust": 1.6 }, { "db": "OSVDB", "id": "15487", "trust": 1.6 }, { "db": "VUPEN", "id": "ADV-2006-3101", "trust": 1.6 }, { "db": "USCERT", "id": "TA06-214A", "trust": 1.6 }, { "db": "SECUNIA", "id": "15047", "trust": 0.9 }, { "db": "BID", "id": "13582", "trust": 0.8 }, { "db": "BID", "id": "13290", "trust": 0.8 }, { "db": "XF", "id": "20199", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2005-000229", "trust": 0.8 }, { "db": "SCO", "id": "SCOSA-2005.58", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:1169", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:765", "trust": 0.6 }, { "db": "SLACKWARE", "id": "SSA:2006-262", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20050404 GZIP TOCTOU FILE-PERMISSIONS VULNERABILITY", "trust": 0.6 }, { "db": "CERT/CC", "id": "TA06-214A", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:357", "trust": 0.6 }, { "db": "APPLE", "id": "APPLE-SA-2006-08-01", "trust": 0.6 }, { "db": "SUNALERT", "id": "101816", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-752", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200505-423", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "37396", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "38412", "trust": 0.1 } ], "sources": [ { "db": "BID", "id": "12996" }, { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "PACKETSTORM", "id": "37396" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-423" }, { "db": "NVD", "id": "CVE-2005-0988" } ] }, "id": "VAR-200504-0293", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.4615448 }, "last_update_date": "2024-11-29T19:54:38.738000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "AXSA-2005-51:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=87" }, { "title": "AXSA-2006-27:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=342" }, { "title": "bzip2", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/bzip2.html" }, { "title": "gzip", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/gzip.html" }, { "title": "AXSA-2005-48:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=86" }, { "title": "RHSA-2005:357", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-357.html" }, { "title": "RHSA-2005:474", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-474.html" }, { "title": "101816", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1" }, { "title": "101816", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-3" }, { "title": "TLSA-2005-59", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-59.txt" }, { "title": "RHSA-2005:357", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-357J.html" }, { "title": "RHSA-2005:474", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-474J.html" }, { "title": "TLSA-2005-59", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-59j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000229" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2005-0988" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://www.securityfocus.com/bid/12996" }, { "trust": 1.9, "url": "http://rhn.redhat.com/errata/rhsa-2005-357.html" }, { "trust": 1.9, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1" }, { "trust": 1.6, "url": "http://www.us-cert.gov/cas/techalerts/ta06-214a.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/19289" }, { "trust": 1.6, "url": "http://www.securityfocus.com/archive/1/394965" }, { "trust": 1.6, "url": "http://www.osvdb.org/15487" }, { "trust": 1.6, "url": "http://www.debian.org/security/2005/dsa-752" }, { "trust": 1.6, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.555852" }, { "trust": 1.6, "url": "http://secunia.com/advisories/22033" }, { "trust": 1.6, "url": "http://secunia.com/advisories/21253" }, { "trust": 1.6, "url": "http://secunia.com/advisories/18100" }, { "trust": 1.6, "url": "http://lists.apple.com/archives/security-announce/2006//aug/msg00000.html" }, { "trust": 1.6, "url": "ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.58/scosa-2005.58.txt" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3101" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a765" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a1169" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10242" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0988" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/20199" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0988" }, { "trust": 0.8, "url": "http://secunia.com/advisories/15047" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/13582" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/13290" }, { "trust": 0.6, "url": "http://www.frsirt.com/english/advisories/2006/3101" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:765" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:1169" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-172.pdf" }, { "trust": 0.3, "url": "http://www.gzip.org/" }, { "trust": 0.3, "url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4532.html" }, { "trust": 0.3, "url": "/archive/1/394965" }, { "trust": 0.3, "url": "/archive/1/395622" }, { "trust": 0.3, "url": "/archive/1/395715" }, { "trust": 0.3, "url": "/archive/1/395718" }, { "trust": 0.3, "url": "/archive/1/395909" }, { "trust": 0.1, "url": "http://secunia.com/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/product/4220/" }, { "trust": 0.1, "url": "http://secunia.com/secunia_vacancies/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/15047/" }, { "trust": 0.1, "url": "http://secunia.com/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0758" }, { "trust": 0.1, "url": "http://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1228" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0988" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0758" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.0" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1228" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-200505-05.xml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0988" } ], "sources": [ { "db": "BID", "id": "12996" }, { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "PACKETSTORM", "id": "37396" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-423" }, { "db": "NVD", "id": "CVE-2005-0988" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "12996" }, { "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "db": "PACKETSTORM", "id": "37396" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-423" }, { "db": "NVD", "id": "CVE-2005-0988" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2005-04-05T00:00:00", "db": "BID", "id": "12996" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "date": "2005-05-28T06:29:35", "db": "PACKETSTORM", "id": "37396" }, { "date": "2005-07-02T00:59:07", "db": "PACKETSTORM", "id": "38412" }, { "date": "2005-04-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-423" }, { "date": "2005-05-02T04:00:00", "db": "NVD", "id": "CVE-2005-0988" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-08-02T20:46:00", "db": "BID", "id": "12996" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000229" }, { "date": "2007-05-11T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-423" }, { "date": "2024-11-20T23:56:20.520000", "db": "NVD", "id": "CVE-2005-0988" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "12996" }, { "db": "CNNVD", "id": "CNNVD-200505-423" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "gzip of gunzip Race condition vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000229" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "competitive condition", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-423" } ], "trust": 0.6 } }
var-200502-0025
Vulnerability from variot
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL include der_chop The script contains a flaw that creates a temporary file in an inappropriate way for security reasons, so there is a vulnerability that is subject to symbolic link attacks.der_chop An arbitrary file may be created or overwritten with the privileges of the user executing the script. OpenSSL is affected by an insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it. An attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application. Reportedly this issue is unlikely to facilitate privilege escalation. OpenSSL is an open source SSL suite.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8. Other versions may also be affected.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200502-0025", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": null, "trust": 3.2, "vendor": "debian gnu linux", "version": null }, { "model": null, "scope": null, "trust": 3.2, "vendor": "freebsd", "version": null }, { "model": null, "scope": null, "trust": 3.2, "vendor": "openssl", "version": null }, { "model": null, "scope": null, "trust": 3.2, "vendor": "red hat", "version": null }, { "model": null, "scope": null, "trust": 3.2, "vendor": "ubuntu", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "f5", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "openpkg", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "suse linux", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "slackware linux", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "rpath", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "trustix secure linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "apple computer", "version": null }, { "model": "mandrake linux corporate server", "scope": "eq", "trust": 1.6, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.6, "vendor": "mandrakesoft", "version": "10.1" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6k" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6i" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6h" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6b" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "9.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6e" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6d" }, { "model": "mandrake multi network firewall", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "8.2" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6l" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6f" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6m" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6j" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6c" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6g" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.7d" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "gentoo", "version": "*" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "10.0" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6" }, { "model": "openssl", "scope": "eq", "trust": 1.0, "vendor": "openssl", "version": "0.9.6a" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "appgate network security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "attachmatewrq", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "avaya", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "blue coat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gentoo linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gnutls", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "hewlett packard", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "iaik java group", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ibm", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "internet consortium", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "intoto", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "juniper", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mandriva", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mozilla", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openwall gnu linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "opera", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "rsa security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ssh security corp", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sybase", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vmware", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vandyke", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "stonesoft", "version": null }, { "model": "openssl", "scope": "lte", "trust": 0.8, "vendor": "openssl", "version": "0.9.6m" }, { "model": "openssl", "scope": "lte", "trust": 0.8, "vendor": "openssl", "version": "0.9.7e" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "appliance server workgroup edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "appliance server hosting edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "advanced linux environment", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "fedora core3", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.7" }, { "model": "project openssl m", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl l", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl k", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl j", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl i", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl h", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl g", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl f", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl e", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl d", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl c", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl b", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl a", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "project openssl", "scope": "eq", "trust": 0.3, "vendor": "openssl", "version": "0.9.6" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.1" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.1" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "s8710 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8710 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8700 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8700 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8500 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8500 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8300 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8300 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "mn100", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "integrated management", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.1" }, { "model": "integrated management", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "converged communications server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "BID", "id": "11293" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "CNNVD", "id": "CNNVD-200502-020" }, { "db": "NVD", "id": "CVE-2004-0975" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:openssl:openssl", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000374" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The individual or individuals responsible for the discovery of this issue is currently unknown; Trustix security engineers are credited with these discoveries.", "sources": [ { "db": "BID", "id": "11293" }, { "db": "CNNVD", "id": "CNNVD-200502-020" } ], "trust": 0.9 }, "cve": "CVE-2004-0975", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "CVE-2004-0975", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "exploitabilityScore": 3.9, "id": "VHN-9405", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2004-0975", "trust": 1.0, "value": "LOW" }, { "author": "CARNEGIE MELLON", "id": "VU#247744", "trust": 0.8, "value": "0.28" }, { "author": "CARNEGIE MELLON", "id": "VU#386964", "trust": 0.8, "value": "0.32" }, { "author": "CARNEGIE MELLON", "id": "VU#191336", "trust": 0.8, "value": "0.34" }, { "author": "CARNEGIE MELLON", "id": "VU#845620", "trust": 0.8, "value": "7.56" }, { "author": "CARNEGIE MELLON", "id": "VU#547300", "trust": 0.8, "value": "2.53" }, { "author": "NVD", "id": "CVE-2004-0975", "trust": 0.8, "value": "Low" }, { "author": "CNNVD", "id": "CNNVD-200502-020", "trust": 0.6, "value": "LOW" }, { "author": "VULHUB", "id": "VHN-9405", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "VULHUB", "id": "VHN-9405" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "CNNVD", "id": "CNNVD-200502-020" }, { "db": "NVD", "id": "CVE-2004-0975" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. OpenSSL include der_chop The script contains a flaw that creates a temporary file in an inappropriate way for security reasons, so there is a vulnerability that is subject to symbolic link attacks.der_chop An arbitrary file may be created or overwritten with the privileges of the user executing the script. OpenSSL is affected by an insecure temporary file creation vulnerability. This issue is likely due to a design error that causes the application to fail to verify the existence of a file before writing to it. \nAn attacker may leverage this issue to overwrite arbitrary files with the privileges of an unsuspecting user that activates the vulnerable application. Reportedly this issue is unlikely to facilitate privilege escalation. OpenSSL is an open source SSL suite. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. Other versions may also be affected. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2004-0975" }, { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "BID", "id": "11293" }, { "db": "VULHUB", "id": "VHN-9405" }, { "db": "PACKETSTORM", "id": "51595" } ], "trust": 5.67 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "11293", "trust": 2.8 }, { "db": "NVD", "id": "CVE-2004-0975", "trust": 2.8 }, { "db": "SECUNIA", "id": "12973", "trust": 2.5 }, { "db": "SECUNIA", "id": "23280", "trust": 2.4 }, { "db": "SECUNIA", "id": "23309", "trust": 2.4 }, { "db": "BID", "id": "22083", "trust": 2.4 }, { "db": "SECUNIA", "id": "22259", "trust": 1.6 }, { "db": "SECUNIA", "id": "23155", "trust": 1.6 }, { "db": "SECUNIA", "id": "22094", "trust": 1.6 }, { "db": "XF", "id": "17583", "trust": 1.4 }, { "db": "SECUNIA", "id": "22679", "trust": 0.9 }, { "db": "SECUNIA", "id": "23340", "trust": 0.8 }, { "db": "SECUNIA", "id": "22671", "trust": 0.8 }, { "db": "SECUNIA", "id": "23351", "trust": 0.8 }, { "db": "SECUNIA", "id": "22385", "trust": 0.8 }, { "db": "SECUNIA", "id": "23131", "trust": 0.8 }, { "db": "SECUNIA", "id": "22544", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#247744", "trust": 0.8 }, { "db": "BID", "id": "20246", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#386964", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#191336", "trust": 0.8 }, { "db": "SECUNIA", "id": "21709", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#845620", "trust": 0.8 }, { "db": "SECUNIA", "id": "22207", "trust": 0.8 }, { "db": "SECUNIA", "id": "22212", "trust": 0.8 }, { "db": "SECUNIA", "id": "22116", "trust": 0.8 }, { "db": "SECUNIA", "id": "22216", "trust": 0.8 }, { "db": "SECUNIA", "id": "22220", "trust": 0.8 }, { "db": "SECUNIA", "id": "22330", "trust": 0.8 }, { "db": "SECUNIA", "id": "22130", "trust": 0.8 }, { "db": "SECUNIA", "id": "22240", "trust": 0.8 }, { "db": "SECUNIA", "id": "22260", "trust": 0.8 }, { "db": "SECUNIA", "id": "22165", "trust": 0.8 }, { "db": "SECUNIA", "id": "22166", "trust": 0.8 }, { "db": "SECUNIA", "id": "22172", "trust": 0.8 }, { "db": "SECUNIA", "id": "22284", "trust": 0.8 }, { "db": "SECUNIA", "id": "22186", "trust": 0.8 }, { "db": "SECUNIA", "id": "22193", "trust": 0.8 }, { "db": "BID", "id": "20249", "trust": 0.8 }, { "db": "SECTRACK", "id": "1016943", "trust": 0.8 }, { "db": "XF", "id": "29237", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#547300", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2004-000374", "trust": 0.8 }, { "db": "GENTOO", "id": "GLSA-200411-15", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:164", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-603", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:476", "trust": 0.6 }, { "db": "TRUSTIX", "id": "2004-0050", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200502-020", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-9405", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "51595", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "VULHUB", "id": "VHN-9405" }, { "db": "BID", "id": "11293" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "CNNVD", "id": "CNNVD-200502-020" }, { "db": "NVD", "id": "CVE-2004-0975" } ] }, "id": "VAR-200502-0025", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-9405" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T19:54:40.792000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "openssl", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/openssl.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.openssl.org/" }, { "title": "RHSA-2005:476", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-476.html" }, { "title": "TLSA-2005-14", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-14.txt" }, { "title": "RHSA-2005:476", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-476J.html" }, { "title": "TLSA-2005-14", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-14j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000374" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0975" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/11293" }, { "trust": 2.4, "url": "http://www.openssl.org/news/secadv_20060928.txt" }, { "trust": 2.4, "url": "http://secunia.com/advisories/23280/" }, { "trust": 2.4, "url": "http://secunia.com/advisories/23309/" }, { "trust": 2.4, "url": "http://www.securityfocus.com/bid/22083" }, { "trust": 1.7, "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302" }, { "trust": 1.7, "url": "http://www.debian.org/security/2004/dsa-603" }, { "trust": 1.7, "url": "http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2005-476.html" }, { "trust": 1.7, "url": "http://secunia.com/advisories/12973" }, { "trust": 1.7, "url": "http://www.trustix.org/errata/2004/0050" }, { "trust": 1.6, "url": "http://secunia.com/advisories/23155/" }, { "trust": 1.6, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/17583" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10621" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a164" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17583" }, { "trust": 0.9, "url": "http://secunia.com/advisories/22679/" }, { "trust": 0.9, "url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html" }, { "trust": 0.8, "url": "http://www.openssl.org/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23131/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22544/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22385/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22671/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23340/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22094/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22259/" }, { "trust": 0.8, "url": "http://www.f-secure.com/security/fsc-2006-6.shtml" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23351/" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23386964/index.html" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/20246" }, { "trust": 0.8, "url": "http://docs.info.apple.com/article.html?artnum=304829" }, { "trust": 0.8, "url": "http://standards.ieee.org/announcements/pr_frames.html" }, { "trust": 0.8, "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html" }, { "trust": 0.8, "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/" }, { "trust": 0.8, "url": "http://www.openssl.org/news/secadv_20060905.txt " }, { "trust": 0.8, "url": "http://secunia.com/advisories/21709/" }, { "trust": 0.8, "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125" }, { "trust": 0.8, "url": "http://www.ietf.org/rfc/rfc3447.txt" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23547300/index.html" }, { "trust": 0.8, "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-september/049715.html " }, { "trust": 0.8, "url": "https://issues.rpath.com/browse/rpl-613 " }, { "trust": 0.8, "url": "http://www.openssl.org/news/secadv_20060928.txt " }, { "trust": 0.8, "url": "http://kolab.org/security/kolab-vendor-notice-11.txt " }, { "trust": 0.8, "url": "http://openvpn.net/changelog.html " }, { "trust": 0.8, "url": "http://www.serv-u.com/releasenotes/ " }, { "trust": 0.8, "url": "http://openbsd.org/errata.html#openssl2 " }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/20249 " }, { "trust": 0.8, "url": "http://securitytracker.com/id?1016943 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22130 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22094 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22165 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22186 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22193 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22207 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22259 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22260 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22166 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22172 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22212 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22240 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22216 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22116 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22220 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22284 " }, { "trust": 0.8, "url": "http://secunia.com/advisories/22330 " }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/29237 " }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0975" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0975" }, { "trust": 0.8, "url": "http://secunia.com/advisories/12973/" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:164" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-170.pdf" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-476.html" }, { "trust": 0.1, "url": "http://secunia.com/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://corporate.secunia.com/products/48/?r=l" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/product/96/" }, { "trust": 0.1, "url": "http://corporate.secunia.com/how_to_buy/15/?r=l" }, { "trust": 0.1, "url": "http://secunia.com/about_secunia_advisories/" } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "VULHUB", "id": "VHN-9405" }, { "db": "BID", "id": "11293" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "CNNVD", "id": "CNNVD-200502-020" }, { "db": "NVD", "id": "CVE-2004-0975" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "CERT/CC", "id": "VU#547300" }, { "db": "VULHUB", "id": "VHN-9405" }, { "db": "BID", "id": "11293" }, { "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "CNNVD", "id": "CNNVD-200502-020" }, { "db": "NVD", "id": "CVE-2004-0975" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#247744" }, { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2006-11-30T00:00:00", "db": "CERT/CC", "id": "VU#191336" }, { "date": "2006-09-11T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#547300" }, { "date": "2005-02-09T00:00:00", "db": "VULHUB", "id": "VHN-9405" }, { "date": "2004-09-30T00:00:00", "db": "BID", "id": "11293" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "date": "2006-11-03T00:05:01", "db": "PACKETSTORM", "id": "51595" }, { "date": "2005-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-200502-020" }, { "date": "2005-02-09T05:00:00", "db": "NVD", "id": "CVE-2004-0975" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2007-02-09T00:00:00", "db": "CERT/CC", "id": "VU#247744" }, { "date": "2011-07-22T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2006-11-30T00:00:00", "db": "CERT/CC", "id": "VU#191336" }, { "date": "2007-02-08T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2011-07-22T00:00:00", "db": "CERT/CC", "id": "VU#547300" }, { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-9405" }, { "date": "2009-07-12T07:06:00", "db": "BID", "id": "11293" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000374" }, { "date": "2005-10-20T00:00:00", "db": "CNNVD", "id": "CNNVD-200502-020" }, { "date": "2017-10-11T01:29:39.230000", "db": "NVD", "id": "CVE-2004-0975" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "11293" }, { "db": "CNNVD", "id": "CNNVD-200502-020" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL DER_CHOP Insecure Temporary File Creation Vulnerability", "sources": [ { "db": "BID", "id": "11293" }, { "db": "CNNVD", "id": "CNNVD-200502-020" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Design Error", "sources": [ { "db": "BID", "id": "11293" }, { "db": "CNNVD", "id": "CNNVD-200502-020" } ], "trust": 0.9 } }
var-200408-0086
Vulnerability from variot
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. This issue is due to a failure of the application to validate user input lengths before processing them. It might be possible to leverage this issue to access sensitive information from kernel memory. Local attackers can use this vulnerability to carry out buffer overflow attacks, which may destroy memory space information and cause privilege escalation. -----BEGIN PGP SIGNED MESSAGE-----
SUSE Security Announcement
Package: kernel
Announcement-ID: SUSE-SA:2004:020
Date: Tuesday, Jul 2nd 2004 18:00 MEST
Affected products: 8.0, 8.1, 8.2, 9.0, 9.1
SUSE Linux Database Server,
SUSE eMail Server III, 3.1
SUSE Linux Enterprise Server 7, 8
SUSE Linux Firewall on CD/Admin host
SUSE Linux Connectivity Server
SUSE Linux Office Server
Vulnerability Type: local privilege escalation
Severity (1-10): 6
SUSE default package: yes
Cross References: CAN-2004-0495
CAN-2004-0496
CAN-2004-0497
CAN-2004-0535
CAN-2004-0626
Content of this advisory:
1) security vulnerability resolved:
- chown: users can change the group affiliation of arbitrary
files to the group they belong to
- missing DAC check in chown(2): local privilege escalation
- overflow with signals: local denial-of-service
- pss, mpu401 sound driver: read/write to complete memory
- airo driver: read/write to complete memory
- ALSA: copy_from_user/copy_to_user confused
- acpi_asus: read from random memory
- decnet: write to memory without checking
- e1000 driver: read complete memory
problem description, discussion, solution and upgrade information
2) pending vulnerabilities, solutions, workarounds:
- icecast
- sitecopy
- cadaver
- OpenOffice_org
- tripwire
- postgresql*
- mod_proxy
- freeswan
- ipsec-tools
- less
- libpng
- pavuk
- XFree86*
- kdebase3
3) standard appendix (further information)
1) problem description, brief discussion, solution, upgrade information
Multiple security vulnerabilities are being addressed with this security
update of the Linux kernel. These
vulnerabilities can lead to kernel memory read access, write access
and local denial of service conditions, resulting in access to the
root account for an attacker with a local account on the affected
system.
Missing Discretionary Access Control (DAC) checks in the chown(2) system
call allow an attacker with a local account to change the group
ownership of arbitrary files, which leads to root privileges on affected
systems. It is specific to kernel version 2.6 based systems such as
the SUSE Linux 9.1 product, that only local shell access is needed to
exploit this vulnerability. An interesting variant of the missing
checks is that the ownership of files in the /proc filesystem can be
altered, while the changed ownership still does not allow the files to
be accessed as a non-root user for to be able to exploit the
vulnerability. Systems that are based on a version 2.4 kernel are not
vulnerable to the /proc weakness, and exploitation of the weakness
requires the use of the kernel NFS server (knfsd). If the knfsd NFS
server is not activated (it is off by default), the vulnerability is
not exposed. These issues related to the chown(2) system call have been
discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX. Found and reported
to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability
allows a remote attacker to send a specially crafted TCP packet to a
vulnerable system, causing that system to stall if it makes use of
TCP option matching netfilter rules.
In some rare configurations of the SUSE Linux 9.1 distribution, some
users have experienced stalling systems during system startup. These
problems are fixed with this kernel update.
SPECIAL INSTALL INSTRUCTIONS:
==============================
For the impatient: Run YOU (Yast2 Online Update, command
"yast2 online_update" as root) to install the updates (semi)
automatically, if you have a SUSE Linux 8.1 and newer system.
For those who wish to install their kernel updates manually and for
those who use a SUSE Linux 8.0 system:
The following paragraphs will guide you through the installation
process in a step-by-step fashion. The character sequence "****"
marks the beginning of a new paragraph. In some cases, the steps
outlined in a particular paragraph may or may not be applicable
to your situation.
Therefore, please make sure to read through all of the steps below
before attempting any of these procedures.
All of the commands that need to be executed are required to be
run as the superuser (root). Each step relies on the steps before
it to complete successfully.
**** Step 1: Determine the needed kernel type
Please use the following command to find the kernel type that is
installed on your system:
rpm -qf /boot/vmlinuz
Following are the possible kernel types (disregard the version and
build number following the name separated by the "-" character)
k_deflt # default kernel, good for most systems.
k_i386 # kernel for older processors and chipsets
k_athlon # kernel made specifically for AMD Athlon(tm) family processors
k_psmp # kernel for Pentium-I dual processor systems
k_smp # kernel for SMP systems (Pentium-II and above)
k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM
kernel-64k-pagesize
kernel-bigsmp
kernel-default
kernel-smp
**** Step 2: Download the package for your system
Please download the kernel RPM package for your distribution with the
name as indicated by Step 1. The list of all kernel rpm packages is
appended below. Note: The kernel-source package does not
contain a binary kernel in bootable form. Instead, it contains the
sources that the binary kernel rpm packages are created from. It can be
used by administrators who have decided to build their own kernel.
Since the kernel-source.rpm is an installable (compiled) package that
contains sources for the linux kernel, it is not the source RPM for
the kernel RPM binary packages.
The kernel RPM binary packages for the distributions can be found at the
locations below ftp://ftp.suse.com/pub/suse/i386/update/.
8.0/images/
8.1/rpm/i586
8.2/rpm/i586
9.0/rpm/i586
9.1/rpm/i586
After downloading the kernel RPM package for your system, you should
verify the authenticity of the kernel rpm package using the methods as
listed in section 3) of each SUSE Security Announcement.
**** Step 3: Installing your kernel rpm package
Install the rpm package that you have downloaded in Steps 3 or 4 with
the command
rpm -Uhv --nodeps --force <K_FILE.RPM>
where <K_FILE.RPM> is the name of the rpm package that you downloaded.
Warning: After performing this step, your system will likely not be
able to boot if the following steps have not been fully
followed.
If you run SUSE LINUX 8.1 and haven't applied the kernel update
(SUSE-SA:2003:034), AND you are using the freeswan package, you also
need to update the freeswan rpm as a dependency as offered
by YOU (YaST Online Update). The package can be downloaded from
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/
**** Step 4: configuring and creating the initrd
The initrd is a ramdisk that is loaded into the memory of your
system together with the kernel boot image by the bootloader. The
kernel uses the content of this ramdisk to execute commands that must
be run before the kernel can mount its actual root filesystem. It is
usually used to initialize SCSI drivers or NIC drivers for diskless
operation.
The variable INITRD_MODULES in /etc/sysconfig/kernel determines
which kernel modules will be loaded in the initrd before the kernel
has mounted its actual root filesystem. The variable should contain
your SCSI adapter (if any) or filesystem driver modules.
With the installation of the new kernel, the initrd has to be
re-packed with the update kernel modules. Please run the command
mk_initrd
as root to create a new init ramdisk (initrd) for your system.
On SuSE Linux 8.1 and later, this is done automatically when the
RPM is installed.
**** Step 5: bootloader
If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there
are two options:
Depending on your software configuration, you have either the lilo
bootloader or the grub bootloader installed and initialized on your
system.
The grub bootloader does not require any further actions to be
performed after the new kernel images have been moved in place by the
rpm Update command.
If you have a lilo bootloader installed and initialized, then the lilo
program must be run as root. Use the command
grep LOADER_TYPE /etc/sysconfig/bootloader
to find out which boot loader is configured. If it is lilo, then you
must run the lilo command as root. If grub is listed, then your system
does not require any bootloader initialization.
Warning: An improperly installed bootloader may render your system
unbootable.
**** Step 6: reboot
If all of the steps above have been successfully completed on your
system, then the new kernel including the kernel modules and the
initrd should be ready to boot. The system needs to be rebooted for
the changes to become active. Please make sure that all steps have
completed, then reboot using the command
shutdown -r now
or
init 6
Your system should now shut down and reboot with the new kernel.
There is no workaround known.
Please download the update package for your distribution and verify its
integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command "rpm -Fhv file.rpm" to apply
the update.
Our maintenance customers are being notified individually. The packages
are being offered to install from the maintenance web.
x86 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm
800418d3dddf6d3b83925f562842205a
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm
0cb990b159e10685bb29b76d312ddd25
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm
7446bb70f52bce57a914066be4ed8e45
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm
ede031495ee19d8b6eca1873e7155332
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
620ef40226fec31a773397cf3051bf36
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
9b61b5a70b304f5554cb18a6bae5b5fd
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm
227c85280ee17a66c8590fe1bb14c596
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
895fee3033de0810ff1173ce8ee87936
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm
48be395b96329909486ae3a5152348fa
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm
4cd322b4f511d5fe4c483ed28a82097e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm
262e33cebf1b0d35fb6d3235c9ab8815
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm
8d81370f90736b12aa71b9c744f6e0e2
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm
bc59c838c84ba318dc4d24da08a3022e
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm
f9586ba982e0398c3e48871955b661aa
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
18673b0bf347fe9557d4e67ca02000c0
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm
71496daac44196b0e0a3836ee6a3b4ed
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
7c208e9e3f7be1a68c3c8457eb2cafc4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm
b77863c863aaf4b931bff263220e6ec9
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm
bed7e964e22c5e5d2f5e7a5e3816dde4
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
6b5137bf379fbfc861441151039575da
SUSE Linux 8.2:
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm
50d261b44616f9145a0dc16df501a504
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm
10095854c0bdae20991d90b822352e14
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm
a2ef7cfb0e62ad955dda2b0574eb3150
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm
1d2b0d0e2c7998685ed04c24e593b196
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm
d8bf98c46ba5313db286d5706f7fb3b8
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm
e13a7b4c2b185cfeb991c31607f79ccb
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm
0e2f2cf20e7d7a20f3e50b245105df61
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm
6cfac2914d3827ec562ff9d6be29c566
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm
afd29843aa69d805ef5f25d39ecd0e7f
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm
098a1400a48404931acb8b3eb2e821fb
SUSE Linux 8.1:
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm
3bdaa593d09a7cbff632a2c4446d5603
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm
ba60d0b2b6d3bc9c38b4e8b3859e1586
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm
ffa8983669004826a0cbedbe34dced76
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm
25174fd007f5a39ee0342dd6f18f2eaa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm
10837fa561cd5104e55d48e46c837764
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm
c37e8b87819602e77b14206affef00fa
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm
7be68a677db5a65be1a46ec194b35497
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm
8e4b7d5a6bb81da5a00971cdcc4ec641
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm
d8ba1db81a9b517f867c970e4fc443a7
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm
96a0a9242d066083c7bff8e0f70b7bbe
SUSE Linux 8.0:
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm
ec1e53b3812c0c0bd3681435d69fb134
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm
583164e52019ae090fd47e425c2a933e
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm
9ac8983abef05697d75f3117e37e5f18
ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm
4932c4d6a42fc9be02013f398ab5bb96
ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm
b9de0731f9bbc4b016455a6d52cd8296
source rpm(s):
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm
a73bacad80432c26e856c41338b154bd
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm
782902cd14e7776db66bd61a12beee03
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm
d71fa5cda488ae18f8d023cd8f28bb73
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm
a360a9e6ed2db54f69e17db36f02614f
ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm
8017fd6ff8a6fc1a0660ab35ad174388
x86-64 Platform:
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm
e2c53fd24991f739fd754c07f7aa8293
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm
f4a69622b7628cdd662a4e39aa59b60e
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm
e71adfb1fc662600eb11d3acf67c3dc3
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm
f6a364879d1f2ae2cf854810d61be3ac
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm
a0096d1fc067d89c9200ea3904713d59
ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm
bf6d0439cfc37b50b4f6822c3403a74f
SUSE Linux 9.0:
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm
17e008a737e5e95e71335e34fa7f86cf
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm
ca742b550b1a503595b02cbfc9e0e481
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm
8e0c16c42d1a89aa6a09be1dd575de47
source rpm(s):
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm
58b1bf42b5661119d06a04888144707a
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm
5103001136e39fca5a59f4cbde82822b
ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm
231c9e5e00f17df8cfd72d6c8a68d9cf
2) Pending vulnerabilities in SUSE Distributions and Workarounds:
- icecast
The icecast service is vulnerable to a remote denial-of-service
attack. Update packages will be available soon.
- sitecopy
The sitecopy package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- cadaver
The cadaver package includes a vulnerable version of the
neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be
available soon.
- OpenOffice_org
The OpenOffice_org package includes a vulnerable version
of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages
will be available soon.
- tripwire
A format string bug in tripwire can be exploited locally
to gain root permissions.
New packages are available.
- postgresql
A buffer overflow in psqlODBC could be exploited to crash the
application using it. E.g. a PHP script that uses ODBC to access a
PostgreSQL database can be utilized to crash the surrounding Apache
web-server. Other parts of PostgreSQL are not affected.
New packages are available.
- XDM/XFree86
This update resolves random listening to ports by XDM
that allows to connect via the XDMCP. SUSE LINUX 9.1
is affected only.
New packages are available.
- mod_proxy
A buffer overflow can be triggered by malicious remote
servers that return a negative Content-Length value.
This vulnerability can be used to execute commands remotely
New packages are available.
- freeswan
A bug in the certificate chain authentication code could allow an
attacker to authenticate any host against a FreeS/WAN server by
presenting specially crafted certificates wrapped in a PKCS#7 file.
The packages are currently being tested and will be available soon.
- ipsec-tools
The racoon daemon which is responsible for handling IKE messages
fails to reject invalid or self-signed X.509 certificates which
allows for man-in-the-middle attacks on IPsec tunnels established
via racoon.
The packages are currently being tested and will be available soon.
- less
This update fixes a possible symlink attack in lessopen.sh. The
attack can be executed by local users to overwrite arbitrary files
with the privileges of the user running less.
New packages are available.
- libpng
This update adds a missing fix for CAN-2002-1363.
New packages are available.
- pavuk
This update fixes a remotely exploitable buffer overflow in pavuk.
Thanks to Ulf Harnhammar for reporting this to us.
New packages are available.
- kdebase3
This update fixes a possible attack on tmp files created at the
first login of a user using KDE or at the first time running a
KDE application. This bug can be exploited locally to overwrite
arbitrary files with the privilege of the victim user.
Just affects SUSE LINUX 9.1
New packages are available.
3) standard appendix: authenticity verification, additional information
-
Package authenticity verification:
SUSE update packages are available on many mirror ftp servers around the world. While this service is considered valuable and important to the free and open source software community, many users wish to be certain as to be the origin of the package and its content before installing the package. There are two independent verification methods that can be used to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package.
1) execute the command md5sum after you have downloaded the file from a SUSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key security@suse.de), the checksums offer proof of the authenticity of the package. We recommend against subscribing to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless.
2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg is installed b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SUSE in rpm packages for SUSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SUSE Linux distributions version 7.1 and thereafter install the key "build@suse.de" upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de .
-
SUSE runs two security mailing lists to which any interested party may subscribe:
suse-security@suse.com - general/linux/SUSE security discussion. All SUSE security announcements are sent to this list. To subscribe, send an email to suse-security-subscribe@suse.com.
suse-security-announce@suse.com - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an email to suse-security-announce-subscribe@suse.com.
For general information or the frequently asked questions (faq) send mail to: suse-security-info@suse.com or suse-security-faq@suse.com respectively.
===================================================================== SUSE's security contact is security@suse.com or security@suse.de. The security@suse.de public key is listed below. =====================================================================
The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature must show proof of the authenticity of the text. SUSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory.
Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team security@suse.de pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key build@suse.de
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
mQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff 4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d M+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO QliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK XBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE D3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd G5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM CC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE myW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr YWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD wmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d NfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe QOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe LZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t XXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU D9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3 0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot 1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW cRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E ExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f AJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E Oe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/ HZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h t5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT tGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM 523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q 2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8 QnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw JxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ 1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH ORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1 wwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY EQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol 0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK CRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co SPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo omuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt A46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J /LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE GrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf ebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT ZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8 RQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ 8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb B6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X 11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA 8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj qY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p WH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL hn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG BafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+ AvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi RZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0 zinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM /3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7 whaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl D+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz dbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI RgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI DgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE= =LRKC - -----END PGP PUBLIC KEY BLOCK-----
- - | Roman Drahtm\xfcller draht@suse.de // "You don't need eyes to see, | SUSE Linux AG - Security Phone: // you need vision!" | N\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux)
iQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy Bi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt OsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD jwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA iud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT WntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ== =24bz -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200408-0086", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "kernel", "scope": "eq", "trust": 1.6, "vendor": "linux", "version": "2.4.27" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "8.1" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "8.0" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "9.1" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.26" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.25" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.24" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.23" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.22" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.21" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.20" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.17" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.16" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.15" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.14" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.13" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.12" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.11" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.10" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.9" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.8" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.7" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.6" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.5" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.4" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.3" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.2" }, { "model": "kernel", "scope": "eq", "trust": 1.3, "vendor": "linux", "version": "2.4.1" }, { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "gentoo", "version": "1.4" }, { "model": "email server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "3.1" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "9.2" }, { "model": "office server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "linux connectivity server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "mandrake linux corporate server", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "secure community", "scope": "eq", "trust": 1.0, "vendor": "engardelinux", "version": "2.0" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "9.1" }, { "model": "linux office server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "mandrake linux", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "10.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8.2" }, { "model": "secure linux", "scope": "eq", "trust": 1.0, "vendor": "engardelinux", "version": "1.5" }, { "model": "kernel", "scope": "eq", "trust": 1.0, "vendor": "linux", "version": "2.4.24_ow1" }, { "model": "kernel", "scope": "eq", "trust": 1.0, "vendor": "linux", "version": "2.4.23_ow2" }, { "model": "email server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "iii" }, { "model": "linux database server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "mandrake multi network firewall", "scope": "eq", "trust": 1.0, "vendor": "mandrakesoft", "version": "8.2" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "conectiva", "version": "9.0" }, { "model": "linux firewall cd", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "linux firewall live-cd", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "conectiva", "version": "8.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "7" }, { "model": "linux admin-cd for firewall", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "*" }, { "model": "kernel", "scope": "eq", "trust": 1.0, "vendor": "linux", "version": "2.4.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "9.0" }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "8" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.1" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "suse email server iii", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "suse email server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "3.1" }, { "model": "office server", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.1" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.2" }, { "model": "linux office server", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "linux live-cd for firewall", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "linux firewall on cd", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "linux database server", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "0" }, { "model": "linux connectivity server", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "linux admin-cd for firewall", "scope": null, "trust": 0.3, "vendor": "s u s e", "version": null }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "10.0" }, { "model": "linux mandrake amd64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.2" }, { "model": "linux mandrake ppc", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.1" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "9.1" }, { "model": "multi network firewall", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.0" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "2.1" }, { "model": "kernel -pre1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.27" }, { "model": "kernel -ow1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.24" }, { "model": "kernel -pre9", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.23" }, { "model": "kernel -ow2", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.23" }, { "model": "kernel pre7", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.21" }, { "model": "kernel pre4", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.21" }, { "model": "kernel pre1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.21" }, { "model": "kernel -pre6", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel -pre5", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel -pre4", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel -pre3", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel -pre2", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel -pre1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.19" }, { "model": "kernel pre-8", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-7", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-6", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-5", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-4", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-3", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-2", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel pre-1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18" }, { "model": "kernel", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4.18x86" }, { "model": "kernel .0-test9", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test8", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test7", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test6", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test5", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test4", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test3", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test2", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test12", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test11", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test10", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel .0-test1", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "kernel", "scope": "eq", "trust": 0.3, "vendor": "linux", "version": "2.4" }, { "model": "secure professional", "scope": "eq", "trust": 0.3, "vendor": "engarde", "version": "1.5" }, { "model": "secure community", "scope": "eq", "trust": 0.3, "vendor": "engarde", "version": "2.0" }, { "model": "kernel -pre2", "scope": "ne", "trust": 0.3, "vendor": "linux", "version": "2.4.27" } ], "sources": [ { "db": "BID", "id": "10352" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "CNNVD", "id": "CNNVD-200408-072" }, { "db": "NVD", "id": "CVE-2004-0535" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000194" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Chris Wright", "sources": [ { "db": "CNNVD", "id": "CNNVD-200408-072" } ], "trust": 0.6 }, "cve": "CVE-2004-0535", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "CVE-2004-0535", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 1.8, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 3.9, "id": "VHN-8965", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "LOW", "trust": 0.1, "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2004-0535", "trust": 1.0, "value": "LOW" }, { "author": "NVD", "id": "CVE-2004-0535", "trust": 0.8, "value": "Low" }, { "author": "CNNVD", "id": "CNNVD-200408-072", "trust": 0.6, "value": "LOW" }, { "author": "VULHUB", "id": "VHN-8965", "trust": 0.1, "value": "LOW" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-8965" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "CNNVD", "id": "CNNVD-200408-072" }, { "db": "NVD", "id": "CVE-2004-0535" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a \"buffer overflow\" by some sources. This issue is due to a failure of the application to validate user input lengths before processing them. It might be possible to leverage this issue to access sensitive information from kernel memory. Local attackers can use this vulnerability to carry out buffer overflow attacks, which may destroy memory space information and cause privilege escalation. -----BEGIN PGP SIGNED MESSAGE-----\n\n______________________________________________________________________________\n\n SUSE Security Announcement\n\n Package: kernel\n Announcement-ID: SUSE-SA:2004:020\n Date: Tuesday, Jul 2nd 2004 18:00 MEST\n Affected products: 8.0, 8.1, 8.2, 9.0, 9.1\n SUSE Linux Database Server,\n SUSE eMail Server III, 3.1\n SUSE Linux Enterprise Server 7, 8\n SUSE Linux Firewall on CD/Admin host\n SUSE Linux Connectivity Server\n SUSE Linux Office Server\n Vulnerability Type: local privilege escalation\n Severity (1-10): 6\n SUSE default package: yes\n Cross References:\tCAN-2004-0495\n\t\t\t\tCAN-2004-0496\n\t\t\t\tCAN-2004-0497\n\t\t\t\tCAN-2004-0535\n\t\t\t\tCAN-2004-0626\n\n\n Content of this advisory:\n 1) security vulnerability resolved:\n\t\t- chown: users can change the group affiliation of arbitrary\n\t\t files to the group they belong to\n\t\t- missing DAC check in chown(2): local privilege escalation\n\t - overflow with signals: local denial-of-service\n \t- pss, mpu401 sound driver: read/write to complete memory\n\t - airo driver: read/write to complete memory\n \t- ALSA: copy_from_user/copy_to_user confused\n \t- acpi_asus: read from random memory\n \t- decnet: write to memory without checking\n \t- e1000 driver: read complete memory\n problem description, discussion, solution and upgrade information\n 2) pending vulnerabilities, solutions, workarounds:\n\t\t- icecast\n - sitecopy\n - cadaver\n - OpenOffice_org\n - tripwire\n - postgresql*\n - mod_proxy\n\t\t- freeswan\n\t\t- ipsec-tools\n\t\t- less\n\t\t- libpng\n\t\t- pavuk\n\t\t- XFree86*\n\t\t- kdebase3\n 3) standard appendix (further information)\n\n______________________________________________________________________________\n\n1) problem description, brief discussion, solution, upgrade information\n\n Multiple security vulnerabilities are being addressed with this security\n update of the Linux kernel. These \n vulnerabilities can lead to kernel memory read access, write access \n and local denial of service conditions, resulting in access to the \n root account for an attacker with a local account on the affected \n system. \n\n Missing Discretionary Access Control (DAC) checks in the chown(2) system\n call allow an attacker with a local account to change the group\n ownership of arbitrary files, which leads to root privileges on affected\n systems. It is specific to kernel version 2.6 based systems such as \n the SUSE Linux 9.1 product, that only local shell access is needed to \n exploit this vulnerability. An interesting variant of the missing \n checks is that the ownership of files in the /proc filesystem can be \n altered, while the changed ownership still does not allow the files to \n be accessed as a non-root user for to be able to exploit the \n vulnerability. Systems that are based on a version 2.4 kernel are not \n vulnerable to the /proc weakness, and exploitation of the weakness \n requires the use of the kernel NFS server (knfsd). If the knfsd NFS \n server is not activated (it is off by default), the vulnerability is \n not exposed. These issues related to the chown(2) system call have been \n discovered by Michael Schroeder and Ruediger Oertel, both SUSE LINUX. Found and reported \n to bugtraq by Adam Osuchowski and Tomasz Dubinski, the vulnerability \n allows a remote attacker to send a specially crafted TCP packet to a \n vulnerable system, causing that system to stall if it makes use of \n TCP option matching netfilter rules. \n\n In some rare configurations of the SUSE Linux 9.1 distribution, some \n users have experienced stalling systems during system startup. These \n problems are fixed with this kernel update. \n\n\n\n SPECIAL INSTALL INSTRUCTIONS:\n ==============================\n For the impatient: Run YOU (Yast2 Online Update, command \n \"yast2 online_update\" as root) to install the updates (semi) \n automatically, if you have a SUSE Linux 8.1 and newer system. \n\n For those who wish to install their kernel updates manually and for \n those who use a SUSE Linux 8.0 system:\n\n The following paragraphs will guide you through the installation\n process in a step-by-step fashion. The character sequence \"****\"\n marks the beginning of a new paragraph. In some cases, the steps\n outlined in a particular paragraph may or may not be applicable\n to your situation. \n Therefore, please make sure to read through all of the steps below\n before attempting any of these procedures. \n All of the commands that need to be executed are required to be\n run as the superuser (root). Each step relies on the steps before\n it to complete successfully. \n\n\n **** Step 1: Determine the needed kernel type\n\n Please use the following command to find the kernel type that is\n installed on your system:\n\n rpm -qf /boot/vmlinuz\n\n Following are the possible kernel types (disregard the version and\n build number following the name separated by the \"-\" character)\n\n k_deflt # default kernel, good for most systems. \n k_i386 # kernel for older processors and chipsets\n k_athlon # kernel made specifically for AMD Athlon(tm) family processors\n k_psmp # kernel for Pentium-I dual processor systems\n k_smp # kernel for SMP systems (Pentium-II and above)\n k_smp4G # kernel for SMP systems which supports a maximum of 4G of RAM\n kernel-64k-pagesize\n kernel-bigsmp\n kernel-default\n kernel-smp\n\n **** Step 2: Download the package for your system\n\n Please download the kernel RPM package for your distribution with the\n name as indicated by Step 1. The list of all kernel rpm packages is\n appended below. Note: The kernel-source package does not\n contain a binary kernel in bootable form. Instead, it contains the\n sources that the binary kernel rpm packages are created from. It can be\n used by administrators who have decided to build their own kernel. \n Since the kernel-source.rpm is an installable (compiled) package that\n contains sources for the linux kernel, it is not the source RPM for\n the kernel RPM binary packages. \n\n The kernel RPM binary packages for the distributions can be found at the\n locations below ftp://ftp.suse.com/pub/suse/i386/update/. \n\n 8.0/images/\n 8.1/rpm/i586\n 8.2/rpm/i586\n 9.0/rpm/i586\n 9.1/rpm/i586\n\n After downloading the kernel RPM package for your system, you should\n verify the authenticity of the kernel rpm package using the methods as\n listed in section 3) of each SUSE Security Announcement. \n\n\n **** Step 3: Installing your kernel rpm package\n\n Install the rpm package that you have downloaded in Steps 3 or 4 with\n the command\n rpm -Uhv --nodeps --force \u003cK_FILE.RPM\u003e\n where \u003cK_FILE.RPM\u003e is the name of the rpm package that you downloaded. \n\n Warning: After performing this step, your system will likely not be\n able to boot if the following steps have not been fully\n followed. \n\n\n If you run SUSE LINUX 8.1 and haven\u0027t applied the kernel update\n (SUSE-SA:2003:034), AND you are using the freeswan package, you also\n need to update the freeswan rpm as a dependency as offered\n by YOU (YaST Online Update). The package can be downloaded from\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/\n\n **** Step 4: configuring and creating the initrd\n\n The initrd is a ramdisk that is loaded into the memory of your\n system together with the kernel boot image by the bootloader. The\n kernel uses the content of this ramdisk to execute commands that must\n be run before the kernel can mount its actual root filesystem. It is\n usually used to initialize SCSI drivers or NIC drivers for diskless\n operation. \n\n The variable INITRD_MODULES in /etc/sysconfig/kernel determines\n which kernel modules will be loaded in the initrd before the kernel\n has mounted its actual root filesystem. The variable should contain\n your SCSI adapter (if any) or filesystem driver modules. \n\n With the installation of the new kernel, the initrd has to be\n re-packed with the update kernel modules. Please run the command\n\n mk_initrd\n\n as root to create a new init ramdisk (initrd) for your system. \n On SuSE Linux 8.1 and later, this is done automatically when the\n RPM is installed. \n\n\n **** Step 5: bootloader\n\n If you run a SUSE LINUX 8.x, SLES8, or SUSE LINUX 9.x system, there\n are two options:\n Depending on your software configuration, you have either the lilo\n bootloader or the grub bootloader installed and initialized on your\n system. \n The grub bootloader does not require any further actions to be\n performed after the new kernel images have been moved in place by the\n rpm Update command. \n If you have a lilo bootloader installed and initialized, then the lilo\n program must be run as root. Use the command\n\n grep LOADER_TYPE /etc/sysconfig/bootloader\n\n to find out which boot loader is configured. If it is lilo, then you\n must run the lilo command as root. If grub is listed, then your system\n does not require any bootloader initialization. \n\n Warning: An improperly installed bootloader may render your system\n unbootable. \n\n **** Step 6: reboot\n\n If all of the steps above have been successfully completed on your\n system, then the new kernel including the kernel modules and the\n initrd should be ready to boot. The system needs to be rebooted for\n the changes to become active. Please make sure that all steps have\n completed, then reboot using the command\n shutdown -r now\n or\n init 6\n\n Your system should now shut down and reboot with the new kernel. \n\n\n There is no workaround known. \n\n\n Please download the update package for your distribution and verify its\n integrity by the methods listed in section 3) of this announcement. \n Then, install the package using the command \"rpm -Fhv file.rpm\" to apply\n the update. \n Our maintenance customers are being notified individually. The packages\n are being offered to install from the maintenance web. \n\n\n\n\n\n x86 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-default-2.6.5-7.95.i586.rpm\n 800418d3dddf6d3b83925f562842205a\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-smp-2.6.5-7.95.i586.rpm\n 0cb990b159e10685bb29b76d312ddd25\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-bigsmp-2.6.5-7.95.i586.rpm\n 7446bb70f52bce57a914066be4ed8e45\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/kernel-source-2.6.5-7.95.i586.rpm\n ede031495ee19d8b6eca1873e7155332\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n 620ef40226fec31a773397cf3051bf36\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n 9b61b5a70b304f5554cb18a6bae5b5fd\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-bigsmp-2.6.5-7.95.nosrc.rpm\n 227c85280ee17a66c8590fe1bb14c596\n ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n 895fee3033de0810ff1173ce8ee87936\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 48be395b96329909486ae3a5152348fa\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n 4cd322b4f511d5fe4c483ed28a82097e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp-2.4.21-231.i586.rpm\n 262e33cebf1b0d35fb6d3235c9ab8815\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_smp4G-2.4.21-231.i586.rpm\n 8d81370f90736b12aa71b9c744f6e0e2\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_um-2.4.21-231.i586.rpm\n bc59c838c84ba318dc4d24da08a3022e\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n f9586ba982e0398c3e48871955b661aa\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 18673b0bf347fe9557d4e67ca02000c0\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_athlon-2.4.21-231.src.rpm\n 71496daac44196b0e0a3836ee6a3b4ed\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 7c208e9e3f7be1a68c3c8457eb2cafc4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_smp4G-2.4.21-231.src.rpm\n b77863c863aaf4b931bff263220e6ec9\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/k_um-2.4.21-231.src.rpm\n bed7e964e22c5e5d2f5e7a5e3816dde4\n ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 6b5137bf379fbfc861441151039575da\n\n SUSE Linux 8.2:\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_deflt-2.4.20-115.i586.rpm\n 50d261b44616f9145a0dc16df501a504\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_athlon-2.4.20-115.i586.rpm\n 10095854c0bdae20991d90b822352e14\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_smp-2.4.20-115.i586.rpm\n a2ef7cfb0e62ad955dda2b0574eb3150\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/k_psmp-2.4.20-115.i586.rpm\n 1d2b0d0e2c7998685ed04c24e593b196\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/kernel-source-2.4.20.SuSE-115.i586.rpm\n d8bf98c46ba5313db286d5706f7fb3b8\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_deflt-2.4.20-115.src.rpm\n e13a7b4c2b185cfeb991c31607f79ccb\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_athlon-2.4.20-115.src.rpm\n 0e2f2cf20e7d7a20f3e50b245105df61\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_smp-2.4.20-115.src.rpm\n 6cfac2914d3827ec562ff9d6be29c566\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/k_psmp-2.4.20-115.src.rpm\n afd29843aa69d805ef5f25d39ecd0e7f\n ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/kernel-source-2.4.20.SuSE-115.src.rpm\n 098a1400a48404931acb8b3eb2e821fb\n\n SUSE Linux 8.1:\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_deflt-2.4.21-231.i586.rpm\n 3bdaa593d09a7cbff632a2c4446d5603\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_athlon-2.4.21-231.i586.rpm\n ba60d0b2b6d3bc9c38b4e8b3859e1586\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_smp-2.4.21-231.i586.rpm\n ffa8983669004826a0cbedbe34dced76\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/k_psmp-2.4.21-231.i586.rpm\n 25174fd007f5a39ee0342dd6f18f2eaa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/kernel-source-2.4.21-231.i586.rpm\n 10837fa561cd5104e55d48e46c837764\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_deflt-2.4.21-231.src.rpm\n c37e8b87819602e77b14206affef00fa\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_athlon-2.4.21-231.src.rpm\n 7be68a677db5a65be1a46ec194b35497\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_smp-2.4.21-231.src.rpm\n 8e4b7d5a6bb81da5a00971cdcc4ec641\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/k_psmp-2.4.21-231.src.rpm\n d8ba1db81a9b517f867c970e4fc443a7\n ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/kernel-source-2.4.21-231.src.rpm\n 96a0a9242d066083c7bff8e0f70b7bbe\n\n SUSE Linux 8.0:\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_deflt-2.4.18-303.i386.rpm\n ec1e53b3812c0c0bd3681435d69fb134\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_smp-2.4.18-303.i386.rpm\n 583164e52019ae090fd47e425c2a933e\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_psmp-2.4.18-303.i386.rpm\n 9ac8983abef05697d75f3117e37e5f18\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/images/k_i386-2.4.18-303.i386.rpm\n 4932c4d6a42fc9be02013f398ab5bb96\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/d3/kernel-source-2.4.18.SuSE-303.i386.rpm\n b9de0731f9bbc4b016455a6d52cd8296\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_deflt-2.4.18-303.src.rpm\n a73bacad80432c26e856c41338b154bd\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_smp-2.4.18-303.src.rpm\n 782902cd14e7776db66bd61a12beee03\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_psmp-2.4.18-303.src.rpm\n d71fa5cda488ae18f8d023cd8f28bb73\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/k_i386-2.4.18-303.src.rpm\n a360a9e6ed2db54f69e17db36f02614f\n ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/kernel-source-2.4.18.SuSE-303.nosrc.rpm\n 8017fd6ff8a6fc1a0660ab35ad174388\n\n\n\n x86-64 Platform:\n\n SUSE Linux 9.1:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-default-2.6.5-7.95.x86_64.rpm\n e2c53fd24991f739fd754c07f7aa8293\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-smp-2.6.5-7.95.x86_64.rpm\n f4a69622b7628cdd662a4e39aa59b60e\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/kernel-source-2.6.5-7.95.x86_64.rpm\n e71adfb1fc662600eb11d3acf67c3dc3\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-default-2.6.5-7.95.nosrc.rpm\n f6a364879d1f2ae2cf854810d61be3ac\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-smp-2.6.5-7.95.nosrc.rpm\n a0096d1fc067d89c9200ea3904713d59\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/kernel-source-2.6.5-7.95.src.rpm\n bf6d0439cfc37b50b4f6822c3403a74f\n\n SUSE Linux 9.0:\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_deflt-2.4.21-231.x86_64.rpm\n 17e008a737e5e95e71335e34fa7f86cf\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/k_smp-2.4.21-231.x86_64.rpm\n ca742b550b1a503595b02cbfc9e0e481\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/kernel-source-2.4.21-231.x86_64.rpm\n 8e0c16c42d1a89aa6a09be1dd575de47\n source rpm(s):\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_deflt-2.4.21-231.src.rpm\n 58b1bf42b5661119d06a04888144707a\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/k_smp-2.4.21-231.src.rpm\n 5103001136e39fca5a59f4cbde82822b\n ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/kernel-source-2.4.21-231.src.rpm\n 231c9e5e00f17df8cfd72d6c8a68d9cf\n\n\n______________________________________________________________________________\n\n2) Pending vulnerabilities in SUSE Distributions and Workarounds:\n\n - icecast\n The icecast service is vulnerable to a remote denial-of-service\n attack. Update packages will be available soon. \n\n - sitecopy\n The sitecopy package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - cadaver\n The cadaver package includes a vulnerable version of the\n neon library (CAN-2004-0179, CAN-2004-0398). Update packages will be\n available soon. \n\n - OpenOffice_org\n The OpenOffice_org package includes a vulnerable version\n of the neon library (CAN-2004-0179, CAN-2004-0398). Update packages\n will be available soon. \n\n - tripwire\n A format string bug in tripwire can be exploited locally\n to gain root permissions. \n New packages are available. \n\n - postgresql\n A buffer overflow in psqlODBC could be exploited to crash the\n application using it. E.g. a PHP script that uses ODBC to access a\n PostgreSQL database can be utilized to crash the surrounding Apache\n web-server. Other parts of PostgreSQL are not affected. \n New packages are available. \n\n - XDM/XFree86\n This update resolves random listening to ports by XDM\n that allows to connect via the XDMCP. SUSE LINUX 9.1\n is affected only. \n New packages are available. \n\n - mod_proxy\n A buffer overflow can be triggered by malicious remote\n servers that return a negative Content-Length value. \n This vulnerability can be used to execute commands remotely\n New packages are available. \n\n - freeswan\n A bug in the certificate chain authentication code could allow an\n attacker to authenticate any host against a FreeS/WAN server by\n presenting specially crafted certificates wrapped in a PKCS#7 file. \n The packages are currently being tested and will be available soon. \n\n - ipsec-tools\n The racoon daemon which is responsible for handling IKE messages\n fails to reject invalid or self-signed X.509 certificates which\n allows for man-in-the-middle attacks on IPsec tunnels established\n via racoon. \n The packages are currently being tested and will be available soon. \n\n - less\n This update fixes a possible symlink attack in lessopen.sh. The\n attack can be executed by local users to overwrite arbitrary files\n with the privileges of the user running less. \n New packages are available. \n\n - libpng\n This update adds a missing fix for CAN-2002-1363. \n New packages are available. \n\n - pavuk\n This update fixes a remotely exploitable buffer overflow in pavuk. \n Thanks to Ulf Harnhammar for reporting this to us. \n New packages are available. \n\n - kdebase3\n This update fixes a possible attack on tmp files created at the\n first login of a user using KDE or at the first time running a\n KDE application. This bug can be exploited locally to overwrite\n arbitrary files with the privilege of the victim user. \n Just affects SUSE LINUX 9.1\n New packages are available. \n\n______________________________________________________________________________\n\n3) standard appendix: authenticity verification, additional information\n\n - Package authenticity verification:\n\n SUSE update packages are available on many mirror ftp servers around\n the world. While this service is considered valuable and important\n to the free and open source software community, many users wish to be\n certain as to be the origin of the package and its content before\n installing the package. There are two independent verification methods\n that can be used to prove the authenticity of a downloaded file or\n rpm package:\n 1) md5sums as provided in the (cryptographically signed) announcement. \n 2) using the internal gpg signatures of the rpm package. \n\n 1) execute the command\n md5sum \u003cname-of-the-file.rpm\u003e\n after you have downloaded the file from a SUSE ftp server or its\n mirrors. Then, compare the resulting md5sum with the one that is\n listed in the announcement. Since the announcement containing the\n checksums is cryptographically signed (usually using the key\n security@suse.de), the checksums offer proof of the authenticity\n of the package. \n We recommend against subscribing to security lists which cause the\n email message containing the announcement to be modified so that\n the signature does not match after transport through the mailing\n list software. \n Downsides: You must be able to verify the authenticity of the\n announcement in the first place. If RPM packages are being rebuilt\n and a new version of a package is published on the ftp server, all\n md5 sums for the files are useless. \n\n 2) rpm package signatures provide an easy way to verify the authenticity\n of an rpm package. Use the command\n rpm -v --checksig \u003cfile.rpm\u003e\n to verify the signature of the package, where \u003cfile.rpm\u003e is the\n filename of the rpm package that you have downloaded. Of course,\n package authenticity verification can only target an un-installed rpm\n package file. \n Prerequisites:\n a) gpg is installed\n b) The package is signed using a certain key. The public part of this\n key must be installed by the gpg program in the directory\n ~/.gnupg/ under the user\u0027s home directory who performs the\n signature verification (usually root). You can import the key\n that is used by SUSE in rpm packages for SUSE Linux by saving\n this announcement to a file (\"announcement.txt\") and\n running the command (do \"su -\" to be root):\n gpg --batch; gpg \u003c announcement.txt | gpg --import\n SUSE Linux distributions version 7.1 and thereafter install the\n key \"build@suse.de\" upon installation or upgrade, provided that\n the package gpg is installed. The file containing the public key\n is placed at the top-level directory of the first CD (pubring.gpg)\n and at ftp://ftp.suse.com/pub/suse/pubring.gpg-build.suse.de . \n\n\n - SUSE runs two security mailing lists to which any interested party may\n subscribe:\n\n suse-security@suse.com\n - general/linux/SUSE security discussion. \n All SUSE security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-subscribe@suse.com\u003e. \n\n suse-security-announce@suse.com\n - SUSE\u0027s announce-only mailing list. \n Only SUSE\u0027s security announcements are sent to this list. \n To subscribe, send an email to\n \u003csuse-security-announce-subscribe@suse.com\u003e. \n\n For general information or the frequently asked questions (faq)\n send mail to:\n \u003csuse-security-info@suse.com\u003e or\n \u003csuse-security-faq@suse.com\u003e respectively. \n\n =====================================================================\n SUSE\u0027s security contact is \u003csecurity@suse.com\u003e or \u003csecurity@suse.de\u003e. \n The \u003csecurity@suse.de\u003e public key is listed below. \n =====================================================================\n______________________________________________________________________________\n\n The information in this advisory may be distributed or reproduced,\n provided that the advisory is not modified in any way. In particular,\n it is desired that the clear-text signature must show proof of the\n authenticity of the text. \n SUSE Linux AG makes no warranties of any kind whatsoever with respect\n to the information contained in this security advisory. \n\nType Bits/KeyID Date User ID\npub 2048R/3D25D3D9 1999-03-06 SuSE Security Team \u003csecurity@suse.de\u003e\npub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key \u003cbuild@suse.de\u003e\n\n#####-----BEGIN PGP PUBLIC KEY BLOCK-----\nVersion: GnuPG v1.0.6 (GNU/Linux)\nComment: For info see http://www.gnupg.org\n\nmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCkYS3yEKeueNWc+z/0Kvff\n4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP+Y0PFPboMvKx0FXl/A0d\nM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR8xocQSVCFxcwvwCglVcO\nQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U8c/yE/vdvpN6lF0tmFrK\nXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0ScZqITuZC4CWxJa9GynBE\nD3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEhELBeGaPdNCcmfZ66rKUd\nG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtBUVKn4zLUOf6aeBAoV6NM\nCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOoAqajLfvkURHAeSsxXIoE\nmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1nKFvF+rQoU3VTRSBQYWNr\nYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohcBBMRAgAcBQI57vSBBQkD\nwmcABAsKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyl8sAJ98BgD40zw0GHJHIf6d\nNfnwI2PAsgCgjH1+PnYEl7TFjtZsqhezX7vZvYCIRgQQEQIABgUCOnBeUgAKCRCe\nQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lxyoAejACeOO1HIbActAevk5MUBhNe\nLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWnB/9An5vfiUUE1VQnt+T/EYklES3t\nXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDVwM2OgSEISZxbzdXGnqIlcT08TzBU\nD9i579uifklLsnr35SJDZ6ram51/CWOnnaVhUzneOA9gTPSr+/fT3WeVnwJiQCQ3\n0kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF5Yryk23pQUPAgJENDEqeU6iIO9Ot\n1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3D3EN8C1yPqZd5CvvznYvB6bWBIpW\ncRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGuzgpJt9IXSzyohEJB6XG5+D0BiF0E\nExECAB0FAjxqqTQFCQoAgrMFCwcKAwQDFQMCAxYCAQIXgAAKCRCoTtronIAKyp1f\nAJ9dR7saz2KPNwD3U+fy/0BDKXrYGACfbJ8fQcJqCBQxeHvt9yMPDVq0B0W5Ag0E\nOe70khAIAISR0E3ozF/la+oNaRwxHLrCet30NgnxRROYhPaJB/Tu1FQokn2/Qld/\nHZnh3TwhBIw1FqrhWBJ7491iAjLR9uPbdWJrn+A7t8kSkPaF3Z/6kyc5a8fas44h\nt5h+6HMBzoFCMAq2aBHQRFRNp9Mz1ZvoXXcI1lk1l8OqcUM/ovXbDfPcXsUVeTPT\ntGzcAi2jVl9hl3iwJKkyv/RLmcusdsi8YunbvWGFAF5GaagYQo7YlF6UaBQnYJTM\n523AMgpPQtsKm9o/w9WdgXkgWhgkhZEeqUS3m5xNey1nLu9iMvq9M/iXnGz4sg6Q\n2Y+GqZ+yAvNWjRRou3zSE7Bzg28MI4sAAwYH/2D71Xc5HPDgu87WnBFgmp8MpSr8\nQnSs0wwPg3xEullGEocolSb2c0ctuSyeVnCttJMzkukL9TqyF4s/6XRstWirSWaw\nJxRLKH6Zjo/FaKsshYKf8gBkAaddvpl3pO0gmUYbqmpQ3xDEYlhCeieXS5MkockQ\n1sj2xYdB1xO0ExzfiCiscUKjUFy+mdzUsUutafuZ+gbHog1CN/ccZCkxcBa5IFCH\nORrNjq9pYWlrxsEn6ApsG7JJbM2besW1PkdEoxak74z1senh36m5jQvVjA3U4xq1\nwwylxadmmJaJHzeiLfb7G1ZRjZTsB7fyYxqDzMVul6o9BSwO/1XsIAnV1uuITAQY\nEQIADAUCOe70kgUJA8JnAAAKCRCoTtronIAKyksiAJsFB3/77SkH3JlYOGrEe1Ol\n0JdGwACeKTttgeVPFB+iGJdiwQlxasOfuXyITAQYEQIADAUCPGqpWQUJCgCCxwAK\nCRCoTtronIAKyofBAKCSZM2UFyta/fe9WgITK9I5hbxxtQCfX+0ar2CZmSknn3co\nSPihn1+OBNyZAQ0DNuEtBAAAAQgAoCRcd7SVZEFcumffyEwfLTcXQjhKzOahzxpo\nomuF+HIyU4AGq+SU8sTZ/1SsjhdzzrSAfv1lETACA+3SmLr5KV40Us1w0UC64cwt\nA46xowVq1vMlH2Lib+V/qr3b1hE67nMHjysECVx9Ob4gFuKNoR2eqnAaJvjnAT8J\n/LoUC20EdCHUqn6v+M9t/WZgC+WNR8cq69uDy3YQhDP/nIan6fm2uf2kSV9A7ZxE\nGrwsWl/WX5Q/sQqMWaU6r4az98X3z90/cN+eJJ3vwtA+rm+nxEvyev+jaLuOQBDf\nebh/XA4FZ35xmi+spdiVeJH4F/ubaGlmj7+wDOF3suYAPSXT2QAFEbQlU3VTRSBT\nZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzdXNlLmRlPokBFQMFEDbhLUfkWLKHsco8\nRQEBVw4H/1vIdiOLX/7hdzYaG9crQVIk3QwaB5eBbjvLEMvuCZHiY2COUg5QdmPQ\n8SlWNZ6k4nu1BLcv2g/pymPUWP9fG4tuSnlUJDrWGm3nhyhAC9iudP2u1YQY37Gb\nB6NPVaZiYMnEb4QYFcqv5c/r2ghSXUTYk7etd6SW6WCOpEqizhx1cqDKNZnsI/1X\n11pFcO2N7rc6byDBJ1T+cK+F1Ehan9XBt/shryJmv04nli5CXQMEbiqYYMOu8iaA\n8AWRgXPCWqhyGhcVD3LRhUJXjUOdH4ZiHCXaoF3zVPxpeGKEQY8iBrDeDyB3wHmj\nqY9WCX6cmogGQRgYG6yJqDalLqrDOdmJARUDBRA24S0Ed7LmAD0l09kBAW04B/4p\nWH3f1vQn3i6/+SmDjGzUu2GWGq6Fsdwo2hVM2ym6CILeow/K9JfhdwGvY8LRxWRL\nhn09j2IJ9P7H1Yz3qDf10AX6V7YILHtchKT1dcngCkTLmDgC4rs1iAAl3f089sRG\nBafGPGKv2DQjHfR1LfRtbf0P7c09Tkej1MP8HtQMW9hPkBYeXcwbCjdrVGFOzqx+\nAvvJDdT6a+oyRMTFlvmZ83UV5pgoyimgjhWnM1V4bFBYjPrtWMkdXJSUXbR6Q7Pi\nRZWCzGRzwbaxqpl3rK/YTCphOLwEMB27B4/fcqtBzgoMOiaZA0M5fFoo54KgRIh0\nzinsSx2OrWgvSiLEXXYKiEYEEBECAAYFAjseYcMACgkQnkDjEAAKq6ROVACgjhDM\n/3KM+iFjs5QXsnd4oFPOnbkAnjYGa1J3em+bmV2aiCdYXdOuGn4ZiQCVAwUQN7c7\nwhaQN/7O/JIVAQEB+QP/cYblSAmPXxSFiaHWB+MiUNw8B6ozBLK0QcMQ2YcL6+Vl\nD+nSZP20+Ja2nfiKjnibCv5ss83yXoHkYk2Rsa8foz6Y7tHwuPiccvqnIC/c9Cvz\ndbIsdxpfsi0qWPfvX/jLMpXqqnPjdIZErgxpwujas1n9016PuXA8K3MJwVjCqSKI\nRgQQEQIABgUCOhpCpAAKCRDHUqoysN/3gCt7AJ9adNQMbmA1iSYcbhtgvx9ByLPI\nDgCfZ5Wj+f7cnYpFZI6GkAyyczG09sE=\n=LRKC\n- -----END PGP PUBLIC KEY BLOCK-----\n\n- -- \n - -\n| Roman Drahtm\\xfcller \u003cdraht@suse.de\u003e // \"You don\u0027t need eyes to see, |\n SUSE Linux AG - Security Phone: // you need vision!\"\n| N\\xfcrnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |\n - -\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.0.7 (GNU/Linux)\n\niQEVAwUBQOWPL3ey5gA9JdPZAQFFzQf+Mo5WmO40BDHakn4qD5rAcfU6H/0rhMpy\nBi8r+g6GoSp/m2Zy+1O0Qn3jVb/iirVlnHH3DND1r/GunM3c5CTaMYt2Bt7PTOdt\nOsjD41lbiFlHDmmmaodROQvcrz7T67YU0gCtSKJdDfs2ATiiUOcyUQZNfi/PiEqD\njwmKpP5c1NXSXPSwZ2f430itJA5iUqqVBeB1WHn63kOnIKtHBJ9c6uw3rZ99t1OA\niud3L+VQSycb8xQSlOsuiaYW1S236VsogKWRbqY76eo7E2AnVQlMpcZkyW91/vfT\nWntQlZJAaGFX1q/IyGy+PGFPUoJjNc7H6jy5ZqJqXR5Sb0KrHfadCQ==\n=24bz\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2004-0535" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "BID", "id": "10352" }, { "db": "VULHUB", "id": "VHN-8965" }, { "db": "PACKETSTORM", "id": "33705" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2004-0535", "trust": 2.9 }, { "db": "BID", "id": "10352", "trust": 2.8 }, { "db": "XF", "id": "16159", "trust": 1.4 }, { "db": "JVNDB", "id": "JVNDB-2004-000194", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200408-072", "trust": 0.7 }, { "db": "GENTOO", "id": "GLSA-200407-02", "trust": 0.6 }, { "db": "SUSE", "id": "SUSE-SA:2004:020", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:11136", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2004:418", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2004:413", "trust": 0.6 }, { "db": "CONECTIVA", "id": "CLA-2004:845", "trust": 0.6 }, { "db": "MANDRAKE", "id": "MDKSA-2004:062", "trust": 0.6 }, { "db": "XF", "id": "1000", "trust": 0.6 }, { "db": "FEDORA", "id": "FEDORA-2004-186", "trust": 0.6 }, { "db": "SGI", "id": "20040804-01-U", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-8965", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "33705", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-8965" }, { "db": "BID", "id": "10352" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "PACKETSTORM", "id": "33705" }, { "db": "CNNVD", "id": "CNNVD-200408-072" }, { "db": "NVD", "id": "CVE-2004-0535" } ] }, "id": "VAR-200408-0086", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-8965" } ], "trust": 0.01 }, "last_update_date": "2024-08-14T12:15:02.744000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "kernel_30", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/kernel_30.html" }, { "title": "kernel_se20", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/kernel_se20.html" }, { "title": "RHSA-2004:418", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-418.html" }, { "title": "RHSA-2004:413", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-413.html" }, { "title": "RHSA-2004:327", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2004-327.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.turbolinux.co.jp/" }, { "title": "RHSA-2004:327", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-327J.html" }, { "title": "RHSA-2004:418", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-418J.html" }, { "title": "RHSA-2004:413", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2004-413J.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000194" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2004-0535" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/10352" }, { "trust": 2.0, "url": "http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log" }, { "trust": 1.7, "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168" }, { "trust": 1.7, "url": "http://lwn.net/articles/91155/" }, { "trust": 1.7, "url": "http://security.gentoo.org/glsa/glsa-200407-02.xml" }, { "trust": 1.7, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:062" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-413.html" }, { "trust": 1.7, "url": "http://www.redhat.com/support/errata/rhsa-2004-418.html" }, { "trust": 1.7, "url": "ftp://patches.sgi.com/support/free/security/advisories/20040804-01-u.asc" }, { "trust": 1.7, "url": "http://www.novell.com/linux/security/advisories/2004_20_kernel.html" }, { "trust": 1.6, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000845" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/16159" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11136" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16159" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0535" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0535" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:11136" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-327.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-413.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2004-418.html" }, { "trust": 0.1, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000845" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0535" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0497" }, { "trust": 0.1, "url": "http://www.gnupg.org" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0626" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0495" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0496" } ], "sources": [ { "db": "VULHUB", "id": "VHN-8965" }, { "db": "BID", "id": "10352" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "PACKETSTORM", "id": "33705" }, { "db": "CNNVD", "id": "CNNVD-200408-072" }, { "db": "NVD", "id": "CVE-2004-0535" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-8965" }, { "db": "BID", "id": "10352" }, { "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "db": "PACKETSTORM", "id": "33705" }, { "db": "CNNVD", "id": "CNNVD-200408-072" }, { "db": "NVD", "id": "CVE-2004-0535" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2004-08-06T00:00:00", "db": "VULHUB", "id": "VHN-8965" }, { "date": "2004-05-14T00:00:00", "db": "BID", "id": "10352" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "date": "2004-07-02T12:32:00", "db": "PACKETSTORM", "id": "33705" }, { "date": "2004-05-14T00:00:00", "db": "CNNVD", "id": "CNNVD-200408-072" }, { "date": "2004-08-06T04:00:00", "db": "NVD", "id": "CVE-2004-0535" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-10-11T00:00:00", "db": "VULHUB", "id": "VHN-8965" }, { "date": "2010-08-05T19:46:00", "db": "BID", "id": "10352" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2004-000194" }, { "date": "2005-10-20T00:00:00", "db": "CNNVD", "id": "CNNVD-200408-072" }, { "date": "2017-10-11T01:29:27.607000", "db": "NVD", "id": "CVE-2004-0535" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "10352" }, { "db": "PACKETSTORM", "id": "33705" }, { "db": "CNNVD", "id": "CNNVD-200408-072" } ], "trust": 1.0 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Linux Kernel of e1000 Driver memory leak vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2004-000194" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Boundary Condition Error", "sources": [ { "db": "BID", "id": "10352" }, { "db": "CNNVD", "id": "CNNVD-200408-072" } ], "trust": 0.9 } }
var-200504-0292
Vulnerability from variot
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ GNU zip (gzip) Is a utility that compresses and decompresses files. grep Run zgrep Or unzip the compressed file gunzip Each tool is packaged. Gzip 1.2.4 Previously, there were several security issues: 1) gzip 1.2.4 Included before zgrep There is a problem that does not properly sanitize arguments. (CAN-2005-0758) Details are currently unknown, but local attackers who exploit this issue zgrep An arbitrary command may be executed by passing an intentional file name to. 2) gzip 1.2.4 Previously, when decompressing a compressed file, there was a problem that caused a race condition between writing the decompressed file and changing permissions. (CAN-2005-0988) A local attacker who exploits this issue could alter the permissions of an arbitrary file by replacing the decompressed file with a hard link to the arbitrary file at a specific time. 3) gzip 1.2.4 Included before gunzip Is -N When decompressing a compressed file with a flag, there is a problem that the validity of the file name is not properly checked. (CAN-2005-1228) A remote attacker who exploits this issue ".." Send a compressed file that is a compressed file containing an intentional character string to the target user gzip Inducing a directory traversal attack by inducing unpacking with.Please refer to the “Overview” for the impact of this vulnerability. The gzip utility is prone to a directory-traversal vulnerability. The issue occurs when gunzip is invoked on a malicious archive using the '-N' option. An archive containing an absolute path for a filename that contains '/' characters can cause the file to be written using the absolute path contained in the filename. A remote attacker may leverage this issue using a malicious archive to corrupt arbitrary files with the privileges of the user that is running the vulnerable software. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200505-05
http://security.gentoo.org/
Severity: Normal Title: gzip: Multiple vulnerabilities Date: May 09, 2005 Bugs: #89946, #90626 ID: 200505-05
Synopsis
gzip contains multiple vulnerabilities potentially allowing an attacker to execute arbitrary commands. The zgrep utility improperly sanitizes arguments, which may come from an untrusted source (CAN-2005-0758).
Impact
These vulnerabilities could allow arbitrary command execution, changing the permissions of arbitrary files, and installation of files to an aribitrary location in the filesystem.
Workaround
There is no known workaround at this time.
Resolution
All gzip users should upgrade to the latest stable version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-arch/gzip-1.3.5-r6"
References
[ 1 ] CAN-2005-0758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758 [ 2 ] CAN-2005-0988 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988 [ 3 ] CAN-2005-1228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200505-05.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200504-0292", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "gzip", "scope": "eq", "trust": 1.9, "vendor": "gnu", "version": "1.3.3" }, { "model": "gzip", "scope": "eq", "trust": 1.9, "vendor": "gnu", "version": "1.2.4" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "7" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "s8500 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "s8700 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "gzip", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.3.4" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "network messaging", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0.x" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "directory pro", "scope": "eq", "trust": 0.3, "vendor": "cosmicperl", "version": "10.0.3" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "appliance server hosting edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "5.0.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "s8500 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.03" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "-release-p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p32", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "enterprise linux ws ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.1" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.2" }, { "model": "s8710 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "integrated management", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6.2" }, { "model": "solaris 8 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.2" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "advanced linux environment", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.1" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "home", "scope": null, "trust": 0.3, "vendor": "turbolinux", "version": null }, { "model": "-stablepre2002-03-07", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "appliance server workgroup edition", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "1.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "8.0" }, { "model": "solaris 8 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "-release-p8", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "s8300 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux ia64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "-release-p17", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.4" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "-release/alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "integrated management", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.9" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.5" }, { "model": "solaris 10.0 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "10.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "enterprise linux as ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "s8300 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "solaris", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.4" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.6" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "-release-p38", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "gzip", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.3.2" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.4" }, { "model": "s8710 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "openpkg", "scope": "eq", "trust": 0.3, "vendor": "openpkg", "version": "2.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "turbolinux", "version": "7.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "gzip a", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.2.4" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "ipcop", "scope": "eq", "trust": 0.3, "vendor": "ipcop", "version": "1.4.5" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "solaris 9 x86 update", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "2" }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "current", "scope": null, "trust": 0.3, "vendor": "openpkg", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "s8700 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "gzip", "scope": "eq", "trust": 0.3, "vendor": "gnu", "version": "1.3.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.1" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "-release-p3", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "-release-p42", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "converged communications server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.7" }, { "model": "linux ia32", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "4.1" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.4.3" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "6.0" }, { "model": "enterprise linux es ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.10" } ], "sources": [ { "db": "BID", "id": "13290" }, { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "CNNVD", "id": "CNNVD-200505-671" }, { "db": "NVD", "id": "CVE-2005-1228" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:sun:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000230" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ulf Harnhammar\u203b ulfh@update.uu.se\u203bImran Ghory\u203b imranghory@gmail.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-671" } ], "trust": 0.6 }, "cve": "CVE-2005-1228", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "exploitabilityScore": 10.0, "id": "CVE-2005-1228", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2005-1228", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2005-1228", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-200505-671", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "CNNVD", "id": "CNNVD-200505-671" }, { "db": "NVD", "id": "CVE-2005-1228" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ GNU zip (gzip) Is a utility that compresses and decompresses files. grep Run zgrep Or unzip the compressed file gunzip Each tool is packaged. Gzip 1.2.4 Previously, there were several security issues: 1) gzip 1.2.4 Included before zgrep There is a problem that does not properly sanitize arguments. (CAN-2005-0758) Details are currently unknown, but local attackers who exploit this issue zgrep An arbitrary command may be executed by passing an intentional file name to. 2) gzip 1.2.4 Previously, when decompressing a compressed file, there was a problem that caused a race condition between writing the decompressed file and changing permissions. (CAN-2005-0988) A local attacker who exploits this issue could alter the permissions of an arbitrary file by replacing the decompressed file with a hard link to the arbitrary file at a specific time. 3) gzip 1.2.4 Included before gunzip Is -N When decompressing a compressed file with a flag, there is a problem that the validity of the file name is not properly checked. (CAN-2005-1228) A remote attacker who exploits this issue \"..\" Send a compressed file that is a compressed file containing an intentional character string to the target user gzip Inducing a directory traversal attack by inducing unpacking with.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. The gzip utility is prone to a directory-traversal vulnerability. The issue occurs when gunzip is invoked on a malicious archive using the \u0027-N\u0027 option. \nAn archive containing an absolute path for a filename that contains \u0027/\u0027 characters can cause the file to be written using the absolute path contained in the filename. \nA remote attacker may leverage this issue using a malicious archive to corrupt arbitrary files with the privileges of the user that is running the vulnerable software. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200505-05\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: gzip: Multiple vulnerabilities\n Date: May 09, 2005\n Bugs: #89946, #90626\n ID: 200505-05\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\ngzip contains multiple vulnerabilities potentially allowing an attacker\nto execute arbitrary commands. The zgrep utility improperly\nsanitizes arguments, which may come from an untrusted source\n(CAN-2005-0758). \n\nImpact\n======\n\nThese vulnerabilities could allow arbitrary command execution, changing\nthe permissions of arbitrary files, and installation of files to an\naribitrary location in the filesystem. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll gzip users should upgrade to the latest stable version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=app-arch/gzip-1.3.5-r6\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0758\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0758\n [ 2 ] CAN-2005-0988\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0988\n [ 3 ] CAN-2005-1228\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1228\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200505-05.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n", "sources": [ { "db": "NVD", "id": "CVE-2005-1228" }, { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "BID", "id": "13290" }, { "db": "PACKETSTORM", "id": "38412" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2005-1228", "trust": 2.8 }, { "db": "SECUNIA", "id": "15047", "trust": 2.4 }, { "db": "OSVDB", "id": "15721", "trust": 1.6 }, { "db": "SECUNIA", "id": "18100", "trust": 1.6 }, { "db": "SECUNIA", "id": "21253", "trust": 1.6 }, { "db": "SECUNIA", "id": "22033", "trust": 1.6 }, { "db": "VUPEN", "id": "ADV-2006-3101", "trust": 1.6 }, { "db": "BID", "id": "19289", "trust": 1.6 }, { "db": "USCERT", "id": "TA06-214A", "trust": 1.6 }, { "db": "XF", "id": "20199", "trust": 1.4 }, { "db": "BID", "id": "13290", "trust": 1.1 }, { "db": "BID", "id": "13582", "trust": 0.8 }, { "db": "BID", "id": "12996", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2005-000230", "trust": 0.8 }, { "db": "BUGTRAQ", "id": "20050420 GZIP DIRECTORY TRAVERSAL VULNERABILITY", "trust": 0.6 }, { "db": "SCO", "id": "SCOSA-2005.58", "trust": 0.6 }, { "db": "SLACKWARE", "id": "SSA:2006-262", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:170", "trust": 0.6 }, { "db": "OVAL", "id": "OVAL:ORG.MITRE.OVAL:DEF:382", "trust": 0.6 }, { "db": "CERT/CC", "id": "TA06-214A", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:357", "trust": 0.6 }, { "db": "APPLE", "id": "APPLE-SA-2006-08-01", "trust": 0.6 }, { "db": "SUNALERT", "id": "101816", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-752", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200505-671", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "38412", "trust": 0.1 } ], "sources": [ { "db": "BID", "id": "13290" }, { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-671" }, { "db": "NVD", "id": "CVE-2005-1228" } ] }, "id": "VAR-200504-0292", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.4615448 }, "last_update_date": "2024-11-29T20:40:19.172000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "AXSA-2005-51:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=87" }, { "title": "AXSA-2006-27:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=342" }, { "title": "bzip2", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/bzip2.html" }, { "title": "gzip", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/gzip.html" }, { "title": "AXSA-2005-48:1", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=86" }, { "title": "RHSA-2005:357", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-357.html" }, { "title": "RHSA-2005:474", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-474.html" }, { "title": "101816", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1" }, { "title": "101816", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-3" }, { "title": "TLSA-2005-59", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-59.txt" }, { "title": "RHSA-2005:357", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-357J.html" }, { "title": "RHSA-2005:474", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-474J.html" }, { "title": "TLSA-2005-59", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-59j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000230" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2005-1228" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://secunia.com/advisories/15047" }, { "trust": 1.9, "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=305255" }, { "trust": 1.9, "url": "http://rhn.redhat.com/errata/rhsa-2005-357.html" }, { "trust": 1.9, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101816-1" }, { "trust": 1.6, "url": "http://www.us-cert.gov/cas/techalerts/ta06-214a.html" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/19289" }, { "trust": 1.6, "url": "http://www.osvdb.org/15721" }, { "trust": 1.6, "url": "http://www.debian.org/security/2005/dsa-752" }, { "trust": 1.6, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.555852" }, { "trust": 1.6, "url": "http://secunia.com/advisories/22033" }, { "trust": 1.6, "url": "http://secunia.com/advisories/21253" }, { "trust": 1.6, "url": "http://secunia.com/advisories/18100" }, { "trust": 1.6, "url": "http://lists.apple.com/archives/security-announce/2006//aug/msg00000.html" }, { "trust": 1.6, "url": "ftp://ftp.sco.com/pub/updates/unixware/scosa-2005.58/scosa-2005.58.txt" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/20199" }, { "trust": 1.0, "url": "http://www.vupen.com/english/advisories/2006/3101" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a382" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=111402732406477\u0026w=2" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11057" }, { "trust": 1.0, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/20199" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a170" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-1228" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-1228" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/12996" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/13582" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/13290" }, { "trust": 0.6, "url": "http://www.frsirt.com/english/advisories/2006/3101" }, { "trust": 0.6, "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=111402732406477\u0026w=2" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:382" }, { "trust": 0.6, "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:170" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-172.pdf" }, { "trust": 0.3, "url": "http://www.gzip.org/" }, { "trust": 0.3, "url": "http://www.ipcop.org/modules.php?op=modload\u0026name=news\u0026file=article\u0026sid=21\u0026mode=thread\u0026order=0\u0026thold=0" }, { "trust": 0.3, "url": "http://tech.f5.com/home/bigip/solutions/advisories/sol4532.html" }, { "trust": 0.3, "url": "/archive/1/396397" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0758" }, { "trust": 0.1, "url": "http://bugs.gentoo.org." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-1228" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0988" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0758" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.0" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-1228" }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-200505-05.xml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0988" } ], "sources": [ { "db": "BID", "id": "13290" }, { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-671" }, { "db": "NVD", "id": "CVE-2005-1228" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "13290" }, { "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "db": "PACKETSTORM", "id": "38412" }, { "db": "CNNVD", "id": "CNNVD-200505-671" }, { "db": "NVD", "id": "CVE-2005-1228" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2005-04-20T00:00:00", "db": "BID", "id": "13290" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "date": "2005-07-02T00:59:07", "db": "PACKETSTORM", "id": "38412" }, { "date": "2005-04-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-671" }, { "date": "2005-05-02T04:00:00", "db": "NVD", "id": "CVE-2005-1228" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-08-02T20:26:00", "db": "BID", "id": "13290" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000230" }, { "date": "2005-10-20T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-671" }, { "date": "2024-11-20T23:56:53.297000", "db": "NVD", "id": "CVE-2005-1228" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-671" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "gzip of zgrep Vulnerable to arbitrary command execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000230" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "path traversal", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-671" } ], "trust": 0.6 } }
var-200505-0162
Vulnerability from variot
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user's authority. Multiple vendors' Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the 'env_opt_add()' function in the 'telnet.c' source file, which is apparently common source for all the affected vendors. A remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: Apple Airport Probe Response Kernel Memory Corruption Vulnerability
SECUNIA ADVISORY ID: SA22679
VERIFY ADVISORY: http://secunia.com/advisories/22679/
CRITICAL: Moderately critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: Apple Macintosh OS X http://secunia.com/product/96/
DESCRIPTION: H.D. Moore has reported a vulnerability in the Apple Airport driver, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an error in the Airport driver provided with Orinoco-based Airport cards when handling probe response frames. This can be exploited to overwrite kernel memory and potentially execute arbitrary code when the driver is running in active scanning mode.
The vulnerability is reported in the driver on a PowerBook running version 10.4.8. Other versions may also be affected.
SOLUTION: Do not place the card into active scanning mode.
PROVIDED AND/OR DISCOVERED BY: H D Moore
ORIGINAL ADVISORY: http://projects.info-pull.com/mokb/MOKB-01-11-2006.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Background
telnet-bsd provides a command line telnet client which is used for remote login using the telnet protocol.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/telnet-bsd < 1.0-r1 >= 1.0-r1
Description
A buffer overflow has been identified in the env_opt_add() function of telnet-bsd, where a response requiring excessive escaping can cause a heap-based buffer overflow. Another issue has been identified in the slc_add_reply() function, where a large number of SLC commands can overflow a fixed size buffer.
Workaround
There is no known workaround at this time.
Resolution
All telnet-bsd users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/telnet-bsd-1.0-r1"
References
[ 1 ] CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 [ 2 ] IDEF0867
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities [ 3 ] CAN-2005-0469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 [ 4 ] IDEF0866
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200504-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA 703-1 security@debian.org http://www.debian.org/security/ Martin Schulze April 1st, 2005 http://www.debian.org/security/faq
Package : krb5 Vulnerability : buffer overflows Problem-Type : remote Debian-specific: no CVE IDs : CAN-2005-0468 CAN-2005-0469 CERT advisories: VU#341908 VU#291924
Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to.
CAN-2005-0469
Ga\xebl Delalleau discovered a buffer overflow in the handling of the
LINEMODE suboptions in telnet clients. This can lead to the
execution of arbitrary code when connected to a malicious server.
For the stable distribution (woody) these problems have been fixed in version 1.2.4-5woody8.
For the unstable distribution (sid) these problems have been fixed in version 1.3.6-1.
We recommend that you upgrade your krb5 package.
Upgrade Instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 3.0 alias woody
Source archives:
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc
Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz
Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f
http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz
Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167
Architecture independent components:
http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb
Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4
Alpha architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb
Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354
ARM architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb
Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb
Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb
Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af
HP Precision architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb
Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb
Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb
Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb
Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81
PowerPC architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb
Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb
Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd
http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108
http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b
http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6
http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e
http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396
http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508
http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331
http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0
http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb
Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show ' and http://packages.debian.org/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCTXAvW5ql+IAeqTIRAuL+AKCET+ogp0mdHV6KfcZ+HmunHGZBRwCfeUgI 8w9yUaCYB2+gRUK/2mZkGxU= =L3X1 -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200505-0162", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": null, "scope": null, "trust": 2.4, "vendor": "debian gnu linux", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "freebsd", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "openssl", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "red hat", "version": null }, { "model": null, "scope": null, "trust": 2.4, "vendor": "ubuntu", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "f5", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "openpkg", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "oracle", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "suse linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "slackware linux", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "rpath", "version": null }, { "model": null, "scope": null, "trust": 1.6, "vendor": "apple computer", "version": null }, { "model": "telnet", "scope": "eq", "trust": 1.6, "vendor": "ncsa", "version": "c" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "trustix secure linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "appgate network security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "attachmatewrq", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "avaya", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "blue coat", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gentoo linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "gnutls", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "hewlett packard", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "iaik java group", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ibm", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "internet consortium", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "intoto", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "juniper", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mandriva", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "mozilla", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "openwall gnu linux", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "opera", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "rsa security", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "ssh security corp", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sun microsystems", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "sybase", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vmware", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "vandyke", "version": null }, { "model": "kerberos", "scope": "lt", "trust": 0.8, "vendor": "mit kerberos", "version": "5 (krb5-1.4.1 )" }, { "model": "seil/neu", "scope": "eq", "trust": 0.8, "vendor": "internet initiative", "version": "ver. 2.x firmware version 2.10(jamming) ~ 2.27(ridge)" }, { "model": "seil/plus", "scope": "eq", "trust": 0.8, "vendor": "internet initiative", "version": "firmware version 1.00(snappy) ~ 1.51(swisssingle)" }, { "model": "seil/turbo", "scope": "eq", "trust": 0.8, "vendor": "internet initiative", "version": "firmware version 1.10(aberdeen) ~ 1.51(riodell)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "2.1" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "seam", "scope": "lte", "trust": 0.8, "vendor": "sun microsystems", "version": "1.0.2" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "10 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "7.0 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "8 (x86)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (sparc)" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "sun microsystems", "version": "9 (x86)" }, { "model": "turbolinux", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10_f" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (hosting)" }, { "model": "turbolinux appliance server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "1.0 (workgroup)" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "10" }, { "model": "turbolinux server", "scope": "eq", "trust": 0.8, "vendor": "turbo linux", "version": "8" }, { "model": "home", "scope": null, "trust": 0.8, "vendor": "turbo linux", "version": null }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "2.1 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "irix", "scope": "eq", "trust": 0.6, "vendor": "sgi", "version": "4.0.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.20" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.14" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.16" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.0" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.6" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.1" }, { "model": "mn100", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "s8500 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.4" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.8" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "irix .19m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6.2" }, { "model": "irix e", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.18" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.11" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "openbsd", "scope": "eq", "trust": 0.3, "vendor": "openbsd", "version": "3.6" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.13" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.9" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.1x86" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.3" }, { "model": "linux enterprise server for s/390", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.8" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.1" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.7" }, { "model": "linux i686", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.0" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "linux", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": "10.1" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.6.3" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.3" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.4" }, { "model": "-release/alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.6" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.14" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.11" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.2" }, { "model": "-release-p20", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.13" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.17" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.27" }, { "model": "-release-p14", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.3" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.7" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.10" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "irix t", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.3" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.5" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.16" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.3" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.20" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "linux -current", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.19" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "9" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8.0" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.1" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.17" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "-stablepre122300", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.23" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2.1" }, { "model": "linux", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": "10.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.4" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.12" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.20" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0.x" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.0.8" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.3.2" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.3" }, { "model": "advanced workstation for the itanium processor", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.18" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.03" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.0" }, { "model": "seam", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8.0" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.9" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.0.6" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.11" }, { "model": "kerberos -alpha1", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.5" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.1" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "8.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.25" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.8" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "-stablepre2002-03-07", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "linux enterprise server", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7" }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.14" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "2.0" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.17.17" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.5" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "2.0.2" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.18" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.1" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.2" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.9" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.3" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.7" }, { "model": "alpha", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.2" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "cvlan", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.6.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.1" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.19" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.14" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "fedora core1", "scope": null, "trust": 0.3, "vendor": "redhat", "version": null }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.15" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "irix g", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.6" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "-release-p5", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "5.04" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "-stablepre050201", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.12" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.6" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.10" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.21" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.3" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.1" }, { "model": "linux alt linux compact", "scope": "eq", "trust": 0.3, "vendor": "alt", "version": "2.3" }, { "model": "converged communications server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.2" }, { "model": "modular messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.5.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.10" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.1" }, { "model": "s8500 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.2" }, { "model": "s8700 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.19" }, { "model": "irix xfs", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.3" }, { "model": "seam", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.0.1" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "linux alt linux junior", "scope": "eq", "trust": 0.3, "vendor": "alt", "version": "2.3" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.0" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.17" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.1" }, { "model": "irix a", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "gnu/*/linux", "scope": "eq", "trust": 0.3, "vendor": "openwall", "version": "1.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.21" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2" }, { "model": "seam", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.0.2" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "5.0.7" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.1" }, { "model": "irix d", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "-release-p7", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-release-p32", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.8" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.22" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.4" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.11" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.4" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.3" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.5.3" }, { "model": "kerberos -beta1", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "secure linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.2" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.6.2" }, { "model": "gnu/*/linux -current", "scope": null, "trust": 0.3, "vendor": "openwall", "version": null }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.1" }, { "model": "linux", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": "9.1" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.8" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.24" }, { "model": "s8300 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.6.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.3.1" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.1.1" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.15" }, { "model": "netbsd", "scope": "eq", "trust": 0.3, "vendor": "netbsd", "version": "2.0.1" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.6" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.0" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.4" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.12" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.1.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.3" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.5" }, { "model": "-release-p38", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.0" }, { "model": "gnu/*/linux", "scope": "eq", "trust": 0.3, "vendor": "openwall", "version": "1.1" }, { "model": "s8710 r2.0.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.2" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "linux personal x86 64", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "9.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "heimdal", "scope": "ne", "trust": 0.3, "vendor": "heimdal", "version": "0.6.4" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.3.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.10" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.12" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "linux", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": "9.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.15" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.0" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.6" }, { "model": "unixware", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "7.1.3" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.2" }, { "model": "irix .19f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.12" }, { "model": "linux personal", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "8.2" }, { "model": "irix t", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.4" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.16" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.0.4" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.0" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.0" }, { "model": "open server", "scope": "eq", "trust": 0.3, "vendor": "sco", "version": "5.0.6" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "9.0" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.22" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.4" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.4" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.23" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "big-ip", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.5.13" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.0" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.3" }, { "model": "3-dns", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "irix h", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "irix b", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.4" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.9" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.8" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.26" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "linux ppc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.1" }, { "model": "s8710 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.3.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.2" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.2" }, { "model": "modular messaging s3400", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.24" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "3-dns", "scope": "ne", "trust": 0.3, "vendor": "f5", "version": "4.6.3" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.0" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.11" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.4" }, { "model": "propack", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.0" }, { "model": "irix ipr", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "8.1" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.2" }, { "model": "linux", "scope": "ne", "trust": 0.3, "vendor": "slackware", "version": "8.1" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "linux desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "1.0" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.4" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.0" }, { "model": "advanced workstation for the itanium processor ia64", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "2.1" }, { "model": "irix xfs", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.0.1" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.5" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.5.2" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "5.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.0.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.3" }, { "model": "-release-p17", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.7" }, { "model": "secure enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "trustix", "version": "2.0" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.13" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "3.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.6" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.3" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.7" }, { "model": "s8300 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.7" }, { "model": "freebsd", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "5.0.1" }, { "model": "-releng", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.10" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.3.1" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "4.0.5" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.520" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.8" }, { "model": "-stable", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.6" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "3.0" }, { "model": "heimdal", "scope": "eq", "trust": 0.3, "vendor": "heimdal", "version": "0.5.0" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.1.1" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.15" }, { "model": "kerberos", "scope": "eq", "trust": 0.3, "vendor": "mit", "version": "51.2.1" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.21" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "7.3" }, { "model": "s8700 r2.0.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.5.9" }, { "model": "netbsd", "scope": "ne", "trust": 0.3, "vendor": "netbsd", "version": "2.0.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.1.3" }, { "model": "irix m", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.16" }, { "model": "irix f", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.5" }, { "model": "linux netkit", "scope": "eq", "trust": 0.3, "vendor": "netkit", "version": "0.11" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.2.4" }, { "model": "big-ip", "scope": "eq", "trust": 0.3, "vendor": "f5", "version": "4.3" }, { "model": "-prerelease", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.9" }, { "model": "irix", "scope": "eq", "trust": 0.3, "vendor": "sgi", "version": "6.5.17" }, { "model": "-release", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.3" }, { "model": "-release-p42", "scope": "eq", "trust": 0.3, "vendor": "freebsd", "version": "4.4" } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "12919" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "CNNVD", "id": "CNNVD-200505-503" }, { "db": "NVD", "id": "CVE-2005-0468" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:mit:kerberos", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:sun:seam", "vulnerable": true }, { "cpe22Uri": "cpe:/o:sun:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_appliance_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:turbolinux:turbolinux_home", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000202" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gael DelalleauiDEFENSE Labs labs@idefense.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-503" } ], "trust": 0.6 }, "cve": "CVE-2005-0468", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2005-0468", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 1.8, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2005-0468", "trust": 1.0, "value": "HIGH" }, { "author": "CARNEGIE MELLON", "id": "VU#247744", "trust": 0.8, "value": "0.28" }, { "author": "CARNEGIE MELLON", "id": "VU#386964", "trust": 0.8, "value": "0.32" }, { "author": "CARNEGIE MELLON", "id": "VU#191336", "trust": 0.8, "value": "0.34" }, { "author": "CARNEGIE MELLON", "id": "VU#845620", "trust": 0.8, "value": "7.56" }, { "author": "NVD", "id": "CVE-2005-0468", "trust": 0.8, "value": "High" }, { "author": "CNNVD", "id": "CNNVD-200505-503", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "CNNVD", "id": "CNNVD-200505-503" }, { "db": "NVD", "id": "CVE-2005-0468" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. A flaw in the OpenSSL library could allow a remote attacker to cause a denial of service on an affected application. A buffer overflow in certain Apple AirPort drivers may allow an attacker to execute arbitrary code with system privileges, or create a denial-of-service condition. Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Included with many products telnet Clients env_opt_add() There is a vulnerability that causes a buffer overflow when certain input data including escape characters is processed due to improper bounds checking in the function.Configured by a third party telnet Guided or crafted the target user to log in to the server Web By displaying the page, arbitrary code may be executed with the user\u0027s authority. Multiple vendors\u0027 Telnet client applications are reported prone to a remote buffer-overflow vulnerability. This vulnerability reportedly occurs in the \u0027env_opt_add()\u0027 function in the \u0027telnet.c\u0027 source file, which is apparently common source for all the affected vendors. \nA remote attacker may exploit this vulnerability to execute arbitrary code on some of the affected platforms in the context of a user that is using the vulnerable Telnet client to connect to a malicious server. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nApple Airport Probe Response Kernel Memory Corruption Vulnerability\n\nSECUNIA ADVISORY ID:\nSA22679\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22679/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nApple Macintosh OS X\nhttp://secunia.com/product/96/\n\nDESCRIPTION:\nH.D. Moore has reported a vulnerability in the Apple Airport driver,\nwhich potentially can be exploited by malicious people to compromise\na vulnerable system. \n\nThe vulnerability is caused due to an error in the Airport driver\nprovided with Orinoco-based Airport cards when handling probe\nresponse frames. This can be exploited to overwrite kernel memory and\npotentially execute arbitrary code when the driver is running in\nactive scanning mode. \n\nThe vulnerability is reported in the driver on a PowerBook running\nversion 10.4.8. Other versions may also be affected. \n\nSOLUTION:\nDo not place the card into active scanning mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nH D Moore\n\nORIGINAL ADVISORY:\nhttp://projects.info-pull.com/mokb/MOKB-01-11-2006.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nBackground\n==========\n\ntelnet-bsd provides a command line telnet client which is used for\nremote login using the telnet protocol. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/telnet-bsd \u003c 1.0-r1 \u003e= 1.0-r1\n\nDescription\n===========\n\nA buffer overflow has been identified in the env_opt_add() function of\ntelnet-bsd, where a response requiring excessive escaping can cause a\nheap-based buffer overflow. Another issue has been identified in the\nslc_add_reply() function, where a large number of SLC commands can\noverflow a fixed size buffer. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll telnet-bsd users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/telnet-bsd-1.0-r1\"\n\nReferences\n==========\n\n [ 1 ] CAN-2005-0468\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468\n [ 2 ] IDEF0867\n\nhttp://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities\n [ 3 ] CAN-2005-0469\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469\n [ 4 ] IDEF0866\n\nhttp://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200504-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA 703-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nApril 1st, 2005 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : krb5\nVulnerability : buffer overflows\nProblem-Type : remote\nDebian-specific: no\nCVE IDs : CAN-2005-0468 CAN-2005-0469\nCERT advisories: VU#341908 VU#291924\n\nSeveral problems have been discovered in telnet clients that could be\nexploited by malicious daemons the client connects to. \n\nCAN-2005-0469\n\n Ga\\xebl Delalleau discovered a buffer overflow in the handling of the\n LINEMODE suboptions in telnet clients. This can lead to the\n execution of arbitrary code when connected to a malicious server. \n\nFor the stable distribution (woody) these problems have been fixed in\nversion 1.2.4-5woody8. \n\nFor the unstable distribution (sid) these problems have been fixed in\nversion 1.3.6-1. \n\nWe recommend that you upgrade your krb5 package. \n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc\n Size/MD5 checksum: 750 51c3ea6dcf74a9d82bef016509870c3d\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz\n Size/MD5 checksum: 83173 97d5ce1eeec763cc67d56b0758891a0f\n http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz\n Size/MD5 checksum: 5443051 663add9b5942be74a86fa860a3fa4167\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb\n Size/MD5 checksum: 512968 88dea0dcf727a6fe03457485e6c98ea4\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 253798 4124ad89c3d6698ae5ce09cc0a810e77\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 217536 02bdd8e928ce65cfc415de890106cde7\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 63072 9aa2b092cc3d4729f6d309160b27117c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 252162 0f2b0638347b34b07ab919c05b7a404a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 76452 4eab68ade26bdd00dc733183f673cf7e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 59106 4c00e1ad73ba0be9631ed3b20846cf31\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 207478 f94b1e493f4a35a9244ab0a71f714f61\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 83948 b4870cfb49811f9e9bfc182004d6e72a\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 633440 f794455df495082bd8c40b2f0a6e0f22\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb\n Size/MD5 checksum: 367446 248fced4d354d47649deaa0c5d349354\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 197342 11591d7d943ee2d38f0117b53ec59026\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 160678 f4118cf6266830f7db9553329dcc1532\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 48830 dc4986db69fc9fa3aacd9487a1a57004\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 198672 6e11c792134a4d9bd602a7461895c42c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 63738 01cee2e685f3bc973f7cce7e5ec08f56\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 49406 03755be7fa950f05c099aff6dc847e7d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 166018 b8000d9c82076d7134aacf28a3ae7a98\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 73626 3070b54d29b8174b78886e37bc25c112\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 493632 b74a2e03c250019f25ff58387792d666\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb\n Size/MD5 checksum: 295230 bd4ccc64814aeebd0071b68dc964080d\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 179362 e38dffa6b1e44da9c05ab5569283141b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 152348 eb2d37aca6f5aeb2ecd3dc7a66b351fc\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46370 dda52cc0f381955716025f4f3f210630\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 178578 3d9e28bc8bbd83161cd8c9781db99e76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 61358 846936ed49d43dddf11c8239e7ecb74f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 46652 4b12ff1ef17b81aadec2cf27c249b263\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 156624 2a626d8694742a825242085d83efb40f\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 72022 678e924f12886c54cb3ca9bdee6a8da4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 433960 9a90e0a4c79b81f2d00945fb7bdf84da\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb\n Size/MD5 checksum: 293706 be17bc6de25438a34466e7a47c5e4a0f\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322390 bd8deae9fe5e2fd0d0e304d93c676c95\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 266614 fa5fedbcc5ce19cf0fd6e0f019988aaa\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 73742 3b21c0fd054d80e979808c47bef49b15\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 322348 b893958f43de292d927b49cd9dda434b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 92050 2c1a3cf4ae7311dc95a696bf919148e9\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 70700 38b66040685eb5421abcb92cdcb682df\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 256278 5440c691dcc69e168105b60a4433332d\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 107650 0b12f0212a2e8ee31654a605e7b74219\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 705942 9dc21d18876a435f5ecbae3c1fa90fac\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb\n Size/MD5 checksum: 475034 072e1682115dd9c556d2eca5c65780af\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214666 50a69b51ec610a919c00e13dad97c237\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 189950 ed974a7360091fe4ea8a5dee5f310a93\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 54064 87d03aa246e3a8bed874ea20aab5c90c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 214092 fdb3544036609131e218f1293d59ab62\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 68802 6476e62e8872de28da85a6d7ff6a91a8\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 55892 ae903fa8671838a64061748b150503ae\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 183066 bde3354927006d85aed74b4ce67f379b\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 85122 160ea9c72f59ee814853092ba414f37e\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 558094 4b5f91e312a31a075cf0ee5f5abb28f4\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb\n Size/MD5 checksum: 362152 bf33b679c8e3023f1baa81dedc1c9e32\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164376 695f5090f6f02ef5ffcdb94994923d1d\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 144904 f03b67ac31422c20cd2024a7f530f077\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44522 7bb04f7623ecb06934e615790364744e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 164106 460978cf8ba185277681491f91269bd3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 57054 8bcee8e9061c204cc1d53f310603f647\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 44838 c57524e8c13e8f007451617b6c99374f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 146184 ef14d19fd5d0d4bb4a4ee88287e556cd\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 70032 1bccace886d6c662ab3b10b0cfaa29d9\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 409054 be8e8f2a4573bb15ec6024f00a1c4087\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb\n Size/MD5 checksum: 277330 c78d56b08e2e4c37bc7d9d1aae9272f6\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 206742 9881404c18f586f88b60322f6ac46e11\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 191334 637743e42bdcbd990a8a8eaec03f04e6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 53510 c194be0f6dedfbaa82f3f7f51bbafe48\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 209794 7ad1a3ae1a623910446a89d44f4d7c0a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 66606 0921f3d4930ad9501eba05cb48c86093\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 55072 22603859834a0c66169b9c6b3438296b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 175416 edcbd96200fec2b725a64df310856287\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 72292 afa180a53f462b42ada57f4183e481b2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 541350 be00fa435c03a2474310c03b3aadb3d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb\n Size/MD5 checksum: 308518 db69345f0ad3df1e0b3b70310ffa6ed6\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 210850 d7831efe581155af02fbf4cd4b298577\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 190990 facf8459bd0684335304e2a9af7b8ec1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 53694 cbae172d0491dd9f259b31f502d3f0ef\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 213350 9b2e3742c660d42556e790503cfa73c2\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 66918 cf9b408405283ea6cda2dc7d79dc5187\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 54936 13d0e562fea89e39cecffe02caa5184f\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 177270 6e92b594956acc65452e8c351222fb53\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 72106 54a3fbae7e86134d48ee49befcb00c99\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 540884 a93fd74e3cfce1d61e81dc15adeede7d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb\n Size/MD5 checksum: 307184 e725f0ab101cf33b1eb127eb3d18df81\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 188456 1605cd80b08025be71477d33bae41d53\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 164152 0e3d09352a72b78dce03519b297a87c3\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49372 9289fc6a3d9a4a1e35e55a8f536b2762\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 189546 cee053d38c1f38de08966f6957ed914a\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 62728 e6f98290ed591d955d5c80eb58d9f6dd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 49338 bf451f9b226dd16dac16ee9c59d97783\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 162762 2edc9dee6e7672c838626cd391820de9\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 74060 5c6ce5c10f005fa31786354fd60c4616\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 490920 1a5ee5de494c46f5c00598b2ef5dff3d\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb\n Size/MD5 checksum: 303574 0972361a36370e77050b37e46aeaed66\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 189308 1b5d39163a97cb6ea829810afb1a648c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 166440 0709eaf98f958d5190afbe956a277995\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50302 f8721e09d7b159a5e16b293a8999d43c\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 190628 cd1c66f7eaa63239aee8fbb4a26bed76\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 67096 a191f8826271cfe94a8aef0d8e6aece1\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 50278 b0fccd0d25256f8357e8f32e815bf6f6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 164334 ce022c07d1815b0df8b5f9a46e8c2ed8\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 76638 4aa46656e9c0293fb5e28e56391e77bc\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 453482 b52bf2d4a664c52c350f80c1593ea5c2\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb\n Size/MD5 checksum: 319656 7b7d0c4b136d99b9dfaf798d4f94d0c9\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 183454 aa907094cbdaac57da2f0eca9b8eb5bd\n http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 173036 7f173f3267bcab3e66922ea6d40b9108\n http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49792 ce46cc950c54a24025647cec765c6e6b\n http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 184358 1ae257a74f7e385a2e4e186a26e86da6\n http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 64400 6429cb02f6d8c3948ef94176ee077c9e\n http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 49780 dc7690038fd1b4125179157411f96396\n http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 159528 4c9938799737182f5fd4455f7ba08508\n http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 73406 83f33192e1d069af16c155136117b331\n http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 463024 94916989bafb9975e1d973cc0210b1d0\n http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb\n Size/MD5 checksum: 301464 ebf61bee3343e02ea2d64066a6713424\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.0 (GNU/Linux)\n\niD8DBQFCTXAvW5ql+IAeqTIRAuL+AKCET+ogp0mdHV6KfcZ+HmunHGZBRwCfeUgI\n8w9yUaCYB2+gRUK/2mZkGxU=\n=L3X1\n-----END PGP SIGNATURE-----\n\n", "sources": [ { "db": "NVD", "id": "CVE-2005-0468" }, { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "BID", "id": "12919" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "PACKETSTORM", "id": "38276" }, { "db": "PACKETSTORM", "id": "36938" }, { "db": "PACKETSTORM", "id": "37029" }, { "db": "PACKETSTORM", "id": "36947" } ], "trust": 5.22 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2005-0468", "trust": 3.1 }, { "db": "BID", "id": "12919", "trust": 2.7 }, { "db": "SECUNIA", "id": "14745", "trust": 2.4 }, { "db": "CERT/CC", "id": "VU#341908", "trust": 2.4 }, { "db": "SECUNIA", "id": "23155", "trust": 1.6 }, { "db": "SECUNIA", "id": "23280", "trust": 1.6 }, { "db": "SECUNIA", "id": "23309", "trust": 1.6 }, { "db": "BID", "id": "22083", "trust": 1.6 }, { "db": "SECUNIA", "id": "17899", "trust": 1.6 }, { "db": "SECUNIA", "id": "22679", "trust": 0.9 }, { "db": "SECUNIA", "id": "22259", "trust": 0.8 }, { "db": "SECUNIA", "id": "23340", "trust": 0.8 }, { "db": "SECUNIA", "id": "22671", "trust": 0.8 }, { "db": "SECUNIA", "id": "23351", "trust": 0.8 }, { "db": "SECUNIA", "id": "22385", "trust": 0.8 }, { "db": "SECUNIA", "id": "23131", "trust": 0.8 }, { "db": "SECUNIA", "id": "22094", "trust": 0.8 }, { "db": "SECUNIA", "id": "22544", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#247744", "trust": 0.8 }, { "db": "BID", "id": "20246", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#386964", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#191336", "trust": 0.8 }, { "db": "SECUNIA", "id": "21709", "trust": 0.8 }, { "db": "CERT/CC", "id": "VU#845620", "trust": 0.8 }, { "db": "SECUNIA", "id": "15030", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2005-000202", "trust": 0.8 }, { "db": "FREEBSD", "id": "FREEBSD-SA-05:01.TELNET", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-703", "trust": 0.6 }, { "db": "DEBIAN", "id": "DSA-731", "trust": 0.6 }, { "db": "SUNALERT", "id": "101665", "trust": 0.6 }, { "db": "SUNALERT", "id": "57761", "trust": 0.6 }, { "db": "SUNALERT", "id": "101671", "trust": 0.6 }, { "db": "SUNALERT", "id": "57755", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:330", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2005:327", "trust": 0.6 }, { "db": "UBUNTU", "id": "USN-224-1", "trust": 0.6 }, { "db": "IDEFENSE", "id": "20050328 MULTIPLE TELNET CLIENT ENV_OPT_ADD() BUFFER OVERFLOW VULNERABILITY", "trust": 0.6 }, { "db": "MANDRAKE", "id": "MDKSA-2005:061", "trust": 0.6 }, { "db": "CONECTIVA", "id": "CLA-2005:962", "trust": 0.6 }, { "db": "SGI", "id": "20050405-01-P", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-200505-503", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "51595", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "38276", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "36938", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "37029", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "36947", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "12919" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "PACKETSTORM", "id": "38276" }, { "db": "PACKETSTORM", "id": "36938" }, { "db": "PACKETSTORM", "id": "37029" }, { "db": "PACKETSTORM", "id": "36947" }, { "db": "CNNVD", "id": "CNNVD-200505-503" }, { "db": "NVD", "id": "CVE-2005-0468" } ] }, "id": "VAR-200505-0162", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.4615448 }, "last_update_date": "2024-11-29T21:59:28.933000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "telnet", "trust": 0.8, "url": "http://www.miraclelinux.com/support/update/data/telnet.html" }, { "title": "MITKRB5-SA-2005-001", "trust": 0.8, "url": "http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2005-001-telnet.txt" }, { "title": "RHSA-2005:327", "trust": 0.8, "url": "http://rhn.redhat.com/errata/RHSA-2005-327.html" }, { "title": "RHSA-2005:330", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2005-330.html" }, { "title": "Telnet \u30bd\u30d5\u30c8\u30a6\u30a7\u30a2\u306e\u8106\u5f31\u6027\u306b\u3088\u308b SEIL \u30b7\u30ea\u30fc\u30ba\u3078\u306e\u5f71\u97ff\u306b\u3064\u3044\u3066", "trust": 0.8, "url": "http://www.seil.jp/seilseries/news/snote/_snote_20050810_01.html" }, { "title": "57761", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1" }, { "title": "57755", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1" }, { "title": "57761", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-3" }, { "title": "57755", "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-3" }, { "title": "TLSA-2005-52", "trust": 0.8, "url": "http://www.turbolinux.com/security/2005/TLSA-2005-52.txt" }, { "title": "RHSA-2005:327", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-327J.html" }, { "title": "RHSA-2005:330", "trust": 0.8, "url": "http://www.jp.redhat.com/support/errata/RHSA/RHSA-2005-330J.html" }, { "title": "TLSA-2005-52", "trust": 0.8, "url": "http://www.turbolinux.co.jp/security/2005/TLSA-2005-52j.txt" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2005-000202" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-Other", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2005-0468" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "http://www.securityfocus.com/bid/12919" }, { "trust": 2.4, "url": "http://www.kb.cert.org/vuls/id/341908" }, { "trust": 1.9, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57761-1" }, { "trust": 1.9, "url": "http://web.mit.edu/kerberos/advisories/mitkrb5-sa-2005-001-telnet.txt" }, { "trust": 1.9, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1" }, { "trust": 1.7, "url": "http://www.idefense.com/application/poi/display?id=221\u0026type=vulnerabilities" }, { "trust": 1.6, "url": "http://www.openssl.org/news/secadv_20060928.txt" }, { "trust": 1.6, "url": "http://secunia.com/advisories/23155/" }, { "trust": 1.6, "url": "http://secunia.com/advisories/23280/" }, { "trust": 1.6, "url": "http://secunia.com/advisories/23309/" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/22083" }, { "trust": 1.6, "url": "http://www.redhat.com/support/errata/rhsa-2005-330.html" }, { "trust": 1.6, "url": "http://www.redhat.com/support/errata/rhsa-2005-327.html" }, { "trust": 1.6, "url": "http://www.debian.org/security/2005/dsa-703" }, { "trust": 1.6, "url": "ftp://patches.sgi.com/support/free/security/advisories/20050405-01-p" }, { "trust": 1.6, "url": "http://www.ubuntulinux.org/usn/usn-224-1" }, { "trust": 1.6, "url": "http://www.debian.de/security/2005/dsa-731" }, { "trust": 1.6, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1" }, { "trust": 1.6, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1" }, { "trust": 1.6, "url": "http://secunia.com/advisories/17899" }, { "trust": 1.6, "url": "http://secunia.com/advisories/14745" }, { "trust": 1.6, "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000962" }, { "trust": 1.6, "url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-05:01.telnet.asc" }, { "trust": 1.6, "url": "http://www.mandriva.com/security/advisories?name=mdksa-2005:061" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9640" }, { "trust": 0.9, "url": "http://secunia.com/advisories/22679/" }, { "trust": 0.9, "url": "http://projects.info-pull.com/mokb/mokb-01-11-2006.html" }, { "trust": 0.8, "url": "http://www.openssl.org/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23131/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22544/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22385/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22671/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23340/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22094/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/22259/" }, { "trust": 0.8, "url": "http://www.f-secure.com/security/fsc-2006-6.shtml" }, { "trust": 0.8, "url": "http://secunia.com/advisories/23351/" }, { "trust": 0.8, "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102668-1" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23386964/index.html" }, { "trust": 0.8, "url": "http://www.securityfocus.com/bid/20246" }, { "trust": 0.8, "url": "http://docs.info.apple.com/article.html?artnum=304829" }, { "trust": 0.8, "url": "http://standards.ieee.org/announcements/pr_frames.html" }, { "trust": 0.8, "url": "http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html" }, { "trust": 0.8, "url": "http://www.matasano.com/log/469/many-rsa-signatures-may-be-forgeable-in-openssl-and-elsewhere/" }, { "trust": 0.8, "url": "http://www.openssl.org/news/secadv_20060905.txt " }, { "trust": 0.8, "url": "http://secunia.com/advisories/21709/" }, { "trust": 0.8, "url": "http://www.rsasecurity.com/rsalabs/node.asp?id=2125" }, { "trust": 0.8, "url": "http://www.ietf.org/rfc/rfc3447.txt" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-0468" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu%23341908" }, { "trust": 0.8, "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-0468" }, { "trust": 0.8, "url": "http://secunia.com/advisories/15030/" }, { "trust": 0.8, "url": "http://secunia.com/advisories/14745/" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0468" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2005-0469" }, { "trust": 0.3, "url": "http://lists.altlinux.ru/pipermail/security-announce/2005-march/000287.html" }, { "trust": 0.3, "url": "http://www.openbsd.org/errata.html#telnet" }, { "trust": 0.3, "url": "http://www.openbsd.org/errata35.html#telnet" }, { "trust": 0.3, "url": "http://www.pdc.kth.se/heimdal/advisory/2005-04-20/" }, { "trust": 0.3, "url": "http://www.uniras.gov.uk/niscc/docs/br-20051101-00969.html?lang=en" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-088_rhsa-2005-330.pdf" }, { "trust": 0.3, "url": "http://support.avaya.com/elmodocs2/security/asa-2005-132_rhsa-2005-327.pdf" }, { "trust": 0.3, "url": "http://www.openwall.com/owl/changes-current.shtml" }, { "trust": 0.3, "url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000962" }, { "trust": 0.3, "url": "http://www.f5.com/" }, { "trust": 0.3, "url": "http://www.netbsd.org/" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-327.html" }, { "trust": 0.3, "url": "http://rhn.redhat.com/errata/rhsa-2005-330.html" }, { "trust": 0.3, "url": "http://docs.info.apple.com/article.html?artnum=301061" }, { "trust": 0.3, "url": "/archive/1/394396" }, { "trust": 0.3, "url": "/archive/1/394490" }, { "trust": 0.3, "url": "/archive/1/394524" }, { "trust": 0.3, "url": "http://bugs.gentoo.org." }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0468" }, { "trust": 0.3, "url": "http://creativecommons.org/licenses/by-sa/2.0" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=can-2005-0469" }, { "trust": 0.3, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://secunia.com/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://corporate.secunia.com/products/48/?r=l" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/product/96/" }, { "trust": 0.1, "url": "http://corporate.secunia.com/how_to_buy/15/?r=l" }, { "trust": 0.1, "url": "http://secunia.com/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-200504-28.xml" }, { "trust": 0.1, "url": "http://www.idefense.com/application/poi/display?id=220\u0026type=vulnerabilities" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-200504-01.xml" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-200504-04.xml" }, { "trust": 0.1, "url": "http://web.mit.edu/kerberos/www/advisories/mitkrb5-sa-2005-001-telnet.txt" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4-5woody8.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-rsh-server_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-telnetd_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5_1.2.4.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_m68k.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-clients_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-doc_1.2.4-5woody8_all.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-ftpd_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-user_1.2.4-5woody8_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb5-dev_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkadm55_1.2.4-5woody8_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-admin-server_1.2.4-5woody8_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/krb5-kdc_1.2.4-5woody8_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/k/krb5/libkrb53_1.2.4-5woody8_s390.deb" } ], "sources": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "12919" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "PACKETSTORM", "id": "38276" }, { "db": "PACKETSTORM", "id": "36938" }, { "db": "PACKETSTORM", "id": "37029" }, { "db": "PACKETSTORM", "id": "36947" }, { "db": "CNNVD", "id": "CNNVD-200505-503" }, { "db": "NVD", "id": "CVE-2005-0468" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#247744" }, { "db": "CERT/CC", "id": "VU#386964" }, { "db": "CERT/CC", "id": "VU#191336" }, { "db": "CERT/CC", "id": "VU#845620" }, { "db": "BID", "id": "12919" }, { "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "db": "PACKETSTORM", "id": "51595" }, { "db": "PACKETSTORM", "id": "38276" }, { "db": "PACKETSTORM", "id": "36938" }, { "db": "PACKETSTORM", "id": "37029" }, { "db": "PACKETSTORM", "id": "36947" }, { "db": "CNNVD", "id": "CNNVD-200505-503" }, { "db": "NVD", "id": "CVE-2005-0468" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#247744" }, { "date": "2006-09-28T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2006-11-30T00:00:00", "db": "CERT/CC", "id": "VU#191336" }, { "date": "2006-09-11T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2005-03-28T00:00:00", "db": "BID", "id": "12919" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "date": "2006-11-03T00:05:01", "db": "PACKETSTORM", "id": "51595" }, { "date": "2005-06-24T07:12:08", "db": "PACKETSTORM", "id": "38276" }, { "date": "2005-04-14T07:02:43", "db": "PACKETSTORM", "id": "36938" }, { "date": "2005-04-17T18:36:49", "db": "PACKETSTORM", "id": "37029" }, { "date": "2005-04-14T07:43:25", "db": "PACKETSTORM", "id": "36947" }, { "date": "2005-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-503" }, { "date": "2005-05-02T04:00:00", "db": "NVD", "id": "CVE-2005-0468" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2007-02-09T00:00:00", "db": "CERT/CC", "id": "VU#247744" }, { "date": "2011-07-22T00:00:00", "db": "CERT/CC", "id": "VU#386964" }, { "date": "2006-11-30T00:00:00", "db": "CERT/CC", "id": "VU#191336" }, { "date": "2007-02-08T00:00:00", "db": "CERT/CC", "id": "VU#845620" }, { "date": "2007-02-22T18:56:00", "db": "BID", "id": "12919" }, { "date": "2007-04-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2005-000202" }, { "date": "2006-09-22T00:00:00", "db": "CNNVD", "id": "CNNVD-200505-503" }, { "date": "2024-11-20T23:55:11.497000", "db": "NVD", "id": "CVE-2005-0468" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-503" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "OpenSSL may fail to properly parse invalid ASN.1 structures", "sources": [ { "db": "CERT/CC", "id": "VU#247744" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200505-503" } ], "trust": 0.6 } }
var-200411-0172
Vulnerability from variot
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. OpenSSL Is SSL/TLS Due to incomplete implementation of do_change_cipher_spec() In the function NULL A vulnerability exists where pointers are not handled properly.OpenSSL An application that uses the service disrupts service operation (DoS) It may be in a state. OpenSSL is an open source SSL implementation used to implement high-strength encryption of network communications. It is now widely used in various network applications.
Using the Codenomicon TLS test tool, OpenSSL found a NULL pointer allocation in the do_change_cipher_spec () function. Applications that rely on this library will generate a denial of service. For the first issue, a NULL-pointer assignment can be triggered by attackers during SSL/TLS handshake exchanges. The CVE candidate name for this vulnerability is CAN-2004-0079. Versions 0.9.6c to 0.9.6k (inclusive) and from 0.9.7a to 0.9.7c (inclusive) are vulnerable. The second issue is also exploited during the SSL/TLS handshake, but only when Kerberos ciphersuites are in use. The vendor has reported that this vulnerability may not be a threat to many, because it occurs only when Kerberos ciphersuites are in use, an uncommon configuration. The CVE candidate name for this vulnerability is CAN-2004-0112. Versions 0.9.7a, 0.9.7b, and 0.9.7c are affected. This entry will be retired when individual BID records are created for each issue. *Note: A third denial-of-service vulnerability included in the announcement was discovered affecting 0.9.6 and fixed in 0.9.6d. The CVE candidate name for this vulnerability is CAN-2004-0081. Multiple security vulnerabilities are reported to affect Apple Mac OS X; updates are available. Apache is prone to five vulnerabilities ranging from buffer overflows to access validation vulnerabilities. The CVE Mitre candidate IDs CAN-2005-1344, CAN-2004-0942, CAN-2004-0885, CAN-2004-1083, and CAN-2004-1084 are assigned to these issues. Appkit is prone to three vulnerabilities. Two of these could result in arbitrary code execution, the third could permit the creation of local accounts. The CVE Mitre candidate IDs CAN-2005-2501, CAN-2005-2502, and CAN-2005-2503 are assigned to these issues. Bluetooth is prone to a vulnerability regarding authentication bypass. The CVE Mitre candidate ID CAN-2005-2504 is assigned to this issue. CoreFoundation is prone to two vulnerabilities, one resulting in a buffer overflow, the other a denial-of-service vulnerability. The CVE Mitre candidate IDs CAN-2005-2505 and CAN-2005-2506 are assigned to these issues. CUPS is prone to two vulnerabilities resulting in a denial of service until the service can be restarted. The CVE Mitre candidate IDs CAN-2005-2525 and CAN-2005-2526 are assigned to these issues. Directory Services is prone to three vulnerabilities. These issues vary from buffer overflow, unauthorized account creation and deletion, and privilege escalation. The CVE Mitre candidate IDs CAN-2005-2507, CAN-2005-2508 and CAN-2005-2519 are assigned to these issues. HItoolbox is prone to a vulnerability that could result in information disclosure. The CVE Mitre candidate ID CAN-2005-2513 is assigned to this issue. Kerberos is prone to five vulnerabilities that may result in a buffer overflow, execution of arbitrary code, and root compromise. The CVE Mitre candidate IDs CAN-2004-1189, CAN-2005-1174, CAN-2005-1175, CAN-2005-1689, and CAN-2005-2511 are assigned to these issues. loginwindow is prone to a vulnerability that could permit a user to gain access to other logged-in accounts. The CVE Mitre candidate ID CAN-2005-2509 is assigned to this issue. Mail is prone to a vulnerability regarding the loss of privacy when remote images are loaded into HTML email. The CVE Mitre candidate ID CAN-2005-2512 is assigned to this issue. MySQL is prone to three vulnerabilities that include arbitrary code execution by remote authenticated users. The CVE Mitre candidate IDs CAN-2005-0709, CAN-2005-0710, and CAN-2005-0711 are assigned to these issues. The CVE Mitre candidate IDs CAN-2004-0079 and CAN-2004-0112 are assigned to these issues. ping is prone to a vulnerability that could allow local privilege escalation and arbitrary code execution. The CVE Mitre candidate ID CAN-2005-2514 is assigned to this issue. QuartzComposerScreenSaver is prone to a vulnerability that could allow users to open pages while the RSS Visualizer screen is locked. The CVE Mitre candidate ID CAN-2005-2515 is assigned to this issue. Safari is prone to two vulnerabilities that could result in arbitrary command execution or have information submitted to an incorrect site. The CVE Mitre candidate IDs CAN-2005-2516 and CAN-2005-2517 are assigned to these issues. SecurityInterface is prone to a vulnerability that could expose recently used passwords. The CVE Mitre candidate ID CAN-2005-2520 is assigned to this issue. servermgrd is prone to a buffer-overflow vulnerability that could ultimately lead to the execution of arbitrary code. The CVE Mitre candidate ID CAN-2005-2518 is assigned to this issue. servermgr_ipfilter is prone to a vulnerability regarding firewall settings not always being written to the Active Rules. The CVE Mitre candidate ID CAN-2005-2510 is assigned to this issue. SquirrelMail is prone to two vulnerabilities including a cross-site scripting issue. The CVE Mitre candidate IDs CAN-2005-1769 and CAN-2005-2095 are assigned to these issues. traceroute is prone to a vulnerability that could result in arbitrary code execution and privilege escalation. The CVE Mitre candidate ID CAN-2005-2521 is assigned to this issue. WebKit is affected by a vulnerability that could result in code execution regarding a malformed PDF file. The CVE Mitre candidate ID CAN-2005-2522 is assigned to this issue. Weblog Server is prone to multiple cross-site scripting vulnerabilities. The CVE Mitre candidate ID CAN-2005-2523 is assigned to this issue. X11 is prone to a vulnerability that could result in arbitrary code execution. The CVE Mitre candidate ID CAN-2005-0605 is assigned to this issue. zlib is prone to two denial-of-service vulnerabilities that may ultimately lead to arbitrary code execution. The CVE Mitre candidate IDs CAN-2005-2096 and CAN-2005-1849 are assigned to these issues. These vulnerabilities will be separated into individual BIDs upon further analysis of the issues. Oracle Database Server, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business and Applications, Oracle Enterprise Manager Grid Control, and Oracle PeopleSoft Applications are reported prone to multiple vulnerabilities. Oracle has released a Critical Patch Update to address these issues in various supported applications and platforms. The issues identified by the vendor affect all security properties of the Oracle products and present local and remote threats. While various levels of authorization are required to leverage some issues, others do not require any authorization. This BID will be divided and updated into separate BIDs when more information is available. It supports a variety of encryption algorithms, including symmetric ciphers, hash algorithms, security hashing algorithm, etc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Cisco OpenSSL Implementation Vulnerability
Revision 1.0
For Public Release 2004 March 17 at 1300 UTC (GMT)
----------------------------------------------------------------------
Contents
Summary
Affected Products
Details
Impact
Software Versions and Fixes
Obtaining Fixed Software
Workarounds
Exploitation and Public Announcements
Status of This Notice: INTERIM
Distribution
Revision History
Cisco Security Procedures
----------------------------------------------------------------------
Summary
A new vulnerability in the OpenSSL implementation for SSL has been announced on March 17, 2004.
An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack. There are workarounds available to mitigate the effects of this vulnerability on Cisco products in the workaround section of this advisory. Cisco is providing fixed software, and recommends that customers upgrade to it when it is available.
This advisory will be posted at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml.
* Cisco IOS 12.1(11)E and later in the 12.1E release train. Only crypto
images (56i and k2) are vulnerable for the Cisco 7100 and 7200 Series
Routers.
* Cisco IOS 12.2SY release train. Only crypto images (k8, k9 and k91)
are vulnerable for the Cisco Catalyst 6500 Series and Cisco 7600
Series Routers.
* Cisco PIX Firewall
* Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500
Series and Cisco 7600 Series routers
* Cisco MDS 9000 Series Multilayer Switch
* Cisco Content Service Switch (CSS) 11000 series
* Cisco Global Site Selector (GSS) 4480
* CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common
Management Foundation (CMF) version 2.1
* Cisco Access Registrar (CAR)
The following products have their SSL implementation based on the OpenSSL code and are not affected by this vulnerability.
* Cisco Secure Intrusion Detection System (NetRanger) appliance. This
includes the IDS-42xx appliances, NM-CIDS and WS-SVS-IDSM2.
* Cisco SN 5428 and SN 5428-2 Storage Router
* Cisco CNS Configuration Engine
* Cisco Network Analysis Modules (NAM) for the Cisco Catalyst 6000 and
6500 Series switches and Cisco 7600 Series routers
* Cisco SIP Proxy Server (SPS)
* CiscoWorks 1105 Hosting Solution Engine (HSE)
* CiscoWorks 1105 Wireless LAN Solution Engine (WLSE)
* Cisco Ethernet Subscriber Solution Engine (ESSE)
The following products, which implement SSL, are not affected by this vulnerability.
* Cisco VPN 3000 Series Concentrators
CatOS does not implement SSL and is not vulnerable.
No other Cisco products are currently known to be affected by this vulnerability. This vulnerability is still being actively investigated across Cisco products and status of some products has still not been determined.
Details
Secure Sockets Layer (SSL), is a protocol used to encrypt the data transferred over an TCP session. SSL in Cisco products is mainly used by the HyperText Transfer Protocol Secure (HTTPS) web service for which the default TCP port is 443. The affected products, listed above, are only vulnerable if they have the HTTPS service enabled and the access to the service is not limited to trusted hosts or network management workstations.
To check if the HTTPS service is enabled one can do the following:
1. Check the configuration on the device to verify the status of the
HTTPS service.
2. Try to connect to the device using a standard web browser that
supports SSL using a URL similar to https://ip_address_of_device/.
3. Try and connect to the default HTTPS port, TCP 443, using Telnet.
telnet ip_address_of_device 443. If the session connects the service
is enabled and accessible. This
crash on many Cisco products would cause the device to reload.
A third vulnerability described in the NISCC advisory is a bug in older versions of OpenSSL, versions before 0.9.6d, that can also lead to a Denial of Service attack. None of the Cisco OpenSSL implementations are known to be affected by this older OpenSSL issue.
* Cisco IOS - All 12.1(11)E and later IOS software crypto (56i and k2)
image releases in the 12.1E release train for the Cisco 7100 and 7200
Series Routers are affected by this vulnerability. All IOS software
crypto (k8, k9, and k91) image releases in the 12.2SY release train
for the Cisco Catalyst 6500 Series and Cisco 7600 Series Routers are
affected by this vulnerability. The SSH implementation in IOS is not
dependent on any OpenSSL code. SSH implementations in IOS do not
handle certificates, yet, and therefore do not use any SSL code for
SSH. OpenSSL in 12.1E and 12.2SY release trains is only used for
providing the HTTPS and VPN Device Manager (VDM) services. This
vulnerability is documented in the Cisco Bug Toolkit (registered
customers only) as Bug ID CSCee00041. The HTTPS web service, that uses
the OpenSSL code, on the device is disabled by default. The no ip http
secure-server command may be used to disable the HTTPS web service on
the device, if required. The SSH and IPSec services in IOS are not
vulnerable to this vulnerability.
* Cisco PIX Firewall - PIX 6.x releases are affected by this
vulnerability. PIX 5.x releases do not contain any SSL code and are
not vulnerable. This vulnerability is documented in the Cisco Bug
Toolkit (registered customers only) as Bug ID CSCed90672.
* Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500
Series and Cisco 7600 Series routers - This vulnerability is
documented in the Cisco Bug Toolkit (registered customers only) as Bug
ID CSCee02055.
* Cisco MDS 9000 Series Multilayer Switches - This vulnerability is
documented in the Cisco Bug Toolkit (registered customers only) as Bug
ID CSCed96246.
* Cisco Content Service Switch (CSS) 11000 series - WebNS version 6.x
and 7.x are affected by this vulnerability. This vulnerability is
documented in the Cisco Bug Toolkit (registered customers only) as Bug
ID CSCee01234 for SCM and is documented in the Cisco Bug Toolkit
(registered customers only) as Bug ID CSCee01240 for the SSL module.
* Cisco Global Site Selector (GSS) 4480 - This vulnerability is
documented in the Cisco Bug Toolkit (registered customers only) as Bug
ID CSCee01057.
* CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common
Management Foundation (CMF) version 2.1 - This vulnerability is
documented in the Cisco Bug Toolkit (registered customers only) as Bug
ID CSCsa13748.
* Cisco Access Registrar (CAR) - This vulnerability is documented in the
Cisco Bug Toolkit (registered customers only) as Bug ID CSCee01956.
The Internetworking Terms and Cisco Systems Acronyms online guides can be found at http://www.cisco.com/univercd/cc/td/doc/cisintwk/.
Impact
An affected network device running an SSL server based on the OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack.
Software Versions and Fixes
* Cisco IOS -
+----------------------------------------+
|Release| Fixed Releases |Availability |
| Train | | |
|-------+------------------+-------------|
|12.2SY |12.2(14)SY4 |March 25 |
|-------+------------------+-------------|
| |12.1(13)E14 |April 8 |
|12.1E |12.1.(19)E7 |April 8 |
| |12.1(20)E3 |April 26 |
+----------------------------------------+
* Cisco PIX Firewall - The vulnerability is fixed in software releases
6.0(4)102, 6.1(5)102, 6.2(3)107, and 6.3(3)124. These engineering
builds may be obtained by contacting the Cisco Technical Assistance
Center (TAC). TAC Contact information is given in the Obtaining Fixed
Software section below.
* Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500
Series and Cisco 7600 Series routers - The vulnerability is fixed in
software release 1.1.3(14) which will be available by Monday, 22 of
March, 2004. This engineering builds may be obtained by contacting the
Cisco Technical Assistance Center (TAC). TAC Contact information is
given in the Obtaining Fixed Software section below.
* Cisco MDS 9000 Series Multilayer Switches - No fixed software release
or software availability date has been determined yet.
* Cisco Content Service Switch (CSS) 11000 series -No fixed software
release or software availability date has been determined yet.
* Cisco Global Site Selector (GSS) 4480 - No fixed software release or
software availability date has been determined yet.
* CiscoWorks Common Services (CWCS) version 2.2 and CiscoWorks Common
Management Foundation (CMF) version 2.1 - No fixed software release or
software availability date has been determined yet.
* Cisco Access Registrar (CAR) - The vulnerability is fixed in software
release 3.5.0.12 which will be available by Friday, 26 of March, 2004.
Obtaining Fixed Software
Cisco is offering free software upgrades to address this vulnerability for all affected customers.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, Customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/public/sw-license-agreement.html, or as otherwise set forth at the Cisco Connection Online Software Center at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Customers with contracts should obtain upgraded software through their regular update channels. For most customers, this means that upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com/tacpage/sw-center. To access the software download URL, you must be a registered user and you must be logged in.
Customers whose Cisco products are provided or maintained through a prior or existing agreement with third-party support organizations such as Cisco Partners, authorized resellers, or service providers, should contact that support organization for assistance with obtaining the software upgrade(s).
Customers who purchase direct from Cisco but who do not hold a Cisco service contract and customers who purchase through third-party vendors but are unsuccessful at obtaining fixed software through their point of sale should get their upgrades by contacting the Cisco Technical Assistance Center (TAC) using the contact information listed below. In these cases, customers are entitled to obtain a free upgrade to a later version of the same release or as indicated by the applicable corrected software version in the Software Versions and Fixes section (noted above).
Cisco TAC contacts are as follows:
* +1 800 553 2447 (toll free from within North America)
* +1 408 526 7209 (toll call from anywhere in the world)
* e-mail: tac@cisco.com
See http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml for additional TAC contact information, including special localized telephone numbers and instructions and e-mail addresses for use in various languages.
Please have your product serial number available and give the URL of this notice as evidence of your entitlement to a upgrade. Upgrades for non-contract customers must be requested through the TAC.
Please do not contact either "psirt@cisco.com" or "security-alert@cisco.com" for software upgrades.
Workarounds
The Cisco PSIRT recommends that affected users upgrade to a fixed software version of code as soon as it is available.
* Restrict access to the HTTPS server on the network device. Allow
access to the network device only from trusted workstations by using
access lists / MAC filters that are available on the affected
platforms.
* Disable the SSL server / service on the network device. This
workaround must be weighed against the need for secure communications
with the vulnerable device.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any malicious use of the vulnerability described in this advisory.
This vulnerability was reported to Cisco PSIRT by NISCC.
Status of This Notice: INTERIM
This is an interim advisory. Although Cisco cannot guarantee the accuracy of all statements in this advisory, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this advisory unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this advisory.
A stand-alone copy or paraphrase of the text of this security advisory that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory will be posted on Cisco's worldwide website at http://www.cisco.com/warp/public/707/cisco-sa-20040317-openssl.shtml .
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key having the fingerprint 8C82 5207 0CA9 ED40 1DD2 EE2A 7B31 A8CF 32B6 B590 and is posted to the following e-mail and Usenet news recipients.
* cust-security-announce@cisco.com
* first-teams@first.org (includes CERT/CC)
* bugtraq@securityfocus.com
* vulnwatch@vulnwatch.org
* cisco@spot.colorado.edu
* cisco-nsp@puck.nether.net
* full-disclosure@lists.netsys.com
* comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------+ |Revision 1.0|2004-March-17|Initial | | | |release. | +------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/warp/public/707/sec_incident_response.shtml. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
This advisory is copyright 2004 by Cisco Systems, Inc. This advisory may be redistributed freely after the release date given at the top of the text, provided that redistributed copies are complete and unmodified, including all date and version information.
----------------------------------------------------------------------
-----BEGIN PGP SIGNATURE----- Comment: PGP Signed by Sharad Ahlawat, Cisco Systems PSIRT
iD8DBQFAWFvZezGozzK2tZARAqIwAKDXDMLAY6eDYyU8y1MhKZUto2SRxwCg+oid 7AhsNlLsNVSLwTRKTHSigu0= =gtba -----END PGP SIGNATURE----- . Any application that makes use of OpenSSL's SSL/TLS library may be affected. Any application that makes use of OpenSSL's SSL/TLS library may be affected.
Recommendations
Upgrade to OpenSSL 0.9.7d or 0.9.6m. Recompile any OpenSSL applications statically linked to OpenSSL libraries.
OpenSSL 0.9.7d and OpenSSL 0.9.6m are available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under http://www.openssl.org/source/mirror.html):
ftp://ftp.openssl.org/source/
The distribution file names are:
o openssl-0.9.7d.tar.gz
MD5 checksum: 1b49e90fc8a75c3a507c0a624529aca5
o openssl-0.9.6m.tar.gz [normal]
MD5 checksum: 1b63bfdca1c37837dddde9f1623498f9
o openssl-engine-0.9.6m.tar.gz [engine]
MD5 checksum: 4c39d2524bd466180f9077f8efddac8c
The checksums were calculated using the following command:
openssl md5 openssl-0.9*.tar.gz