EngardelinuxCVEs & Vulnerabilities

8 CVEs affecting Engardelinux products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

secure linux 9secure community 3guardian digital webtool 1
CVE-2004-0535LOW

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.

6 Aug 2004
2.1
CVSS
CVE-2003-0962HIGH

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

15 Dec 2003
7.5
CVSS
CVE-2003-0101CRITICALpoc

miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.

3 Mar 2003
10.0
CVSS
CVE-2002-0083CRITICALpoc

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

15 Mar 2002
9.8
CVSS
CVE-2002-0002HIGHpoc

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.

31 Jan 2002
7.5
CVSS
CVE-2001-0739HIGH

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges.

18 Oct 2001
7.2
CVSS
CVE-2001-0736LOWpoc

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.

18 Oct 2001
2.1
CVSS
CVE-2001-1240CRITICAL

The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access.

11 Jul 2001
10.0
CVSS
← PrevPage 1 / 1Next →