| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. |
| The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. |
| A buffer overflow in lsof allows local users to obtain root privilege. |
| Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). |
| SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. |
| runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. |
| Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. |
| Bash treats any character with a value of 255 as a command separator. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." |
| Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
| Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command. |
| aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. |