TrustixCVEs & Vulnerabilities

67 CVEs affecting Trustix products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.

Most Affected Products

secure linux 177antivirus 1
CVE-2004-0493MEDIUMpoc

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.

6 Aug 2004
6.4
CVSS
CVE-2004-0686MEDIUM

Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.

27 Jul 2004
5.0
CVSS
CVE-2004-0594MEDIUMpoc

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.

27 Jul 2004
5.1
CVSS
CVE-2004-0600CRITICALpoc

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

27 Jul 2004
10.0
CVSS
CVE-2004-0595MEDIUMpoc

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.

27 Jul 2004
6.8
CVSS
CVE-2004-2044HIGHpoc

PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.

1 Jun 2004
7.5
CVSS
CVE-2004-0077HIGHpoc

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

3 Mar 2004
7.2
CVSS
CVE-2002-1319LOW

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.

11 Dec 2002
2.1
CVSS
CVE-2002-0083CRITICALpoc

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

15 Mar 2002
9.8
CVSS
CVE-2001-1030HIGH

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.

18 Jul 2001
7.5
CVSS
CVE-2001-0169LOWpoc

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.

26 Mar 2001
2.1
CVSS
CVE-2001-0117LOW

sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.

12 Mar 2001
1.2
CVSS
CVE-2001-0142LOW

squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.

12 Mar 2001
1.2
CVSS
CVE-2000-0917CRITICALpoc

Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.

19 Dec 2000
10.0
CVSS
CVE-2000-1009HIGHpoc

dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program.

11 Dec 2000
7.2
CVSS
CVE-2000-0867HIGH

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

14 Nov 2000
7.2
CVSS
CVE-2000-0844CRITICALpoc

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

14 Nov 2000
10.0
CVSS
CVE-2000-0791MEDIUM

Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.

20 Oct 2000
4.6
CVSS
CVE-2000-0666CRITICALpoc

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

16 Jul 2000
10.0
CVSS
← PrevPage 2 / 2Next →
Trustix CVEs & Vulnerabilities — 67 Tracked — Page 2