CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Redhat : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
551 CVE-2009-4067 120 DoS Exec Code Overflow 2020-02-11 2020-02-12
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
552 CVE-2009-3080 129 DoS +Priv 2009-11-20 2020-09-09
7.2
None Local Low Not required Complete Complete Complete
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
553 CVE-2008-7313 77 Exec Code 2017-03-31 2017-04-04
7.5
None Remote Low Not required Partial Partial Partial
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
554 CVE-2008-3323 20 Exec Code 2008-07-28 2018-10-11
7.6
None Remote High Not required Complete Complete Complete
setup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package.
555 CVE-2008-3283 399 DoS 2008-08-29 2017-09-29
7.8
None Remote Low Not required None None Complete
Multiple memory leaks in Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 and earlier allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) the authentication / bind phase and (2) anonymous LDAP search requests.
556 CVE-2008-2932 119 DoS Exec Code Overflow 2008-09-12 2017-08-08
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via % (percent) encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-2929.
557 CVE-2008-2930 399 DoS 2008-08-29 2017-09-29
7.1
None Remote Medium Not required None None Complete
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service (CPU consumption and search outage) via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem.
558 CVE-2008-2359 16 +Priv 2008-06-02 2017-08-08
7.2
None Local Low Not required Complete Complete Complete
The default configuration of consolehelper in system-config-network before 1.5.10-1 on Fedora 8 lacks the USER=root directive, which allows local users of the workstation console to gain privileges and change the network configuration.
559 CVE-2008-1767 119 DoS Exec Code Overflow 2008-05-23 2017-09-29
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
560 CVE-2008-1677 119 DoS Exec Code Overflow 2008-05-12 2017-08-08
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression.
561 CVE-2008-1198 16 2008-03-06 2018-01-06
7.1
None Remote Medium Not required Complete None None
The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
562 CVE-2008-0893 264 2008-04-16 2017-08-08
7.5
None Remote Low Not required Partial Partial Partial
Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, does not properly restrict access to CGI scripts, which allows remote attackers to perform administrative actions.
563 CVE-2007-6282 16 DoS 2008-05-08 2017-09-29
7.1
None Remote Medium Not required None None Complete
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
564 CVE-2007-5365 119 DoS Exec Code Overflow 2007-10-11 2018-10-15
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
565 CVE-2007-4994 255 Bypass 2007-11-06 2011-03-08
7.5
None Remote Low Not required Partial Partial Partial
Certificate Server 7.2 in Red Hat Certificate System (RHCS) does not properly handle new revocations that occur while a Certificate Revocation List (CRL) is being generated, which might prevent certain revoked certificates from appearing on the CRL quickly and allow users with revoked certificates to bypass the intended CRL.
566 CVE-2007-4130 20 DoS 2008-02-05 2017-09-29
7.2
None Local Low Not required Complete Complete Complete
The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.
567 CVE-2007-1864 119 Overflow 2007-05-09 2019-05-22
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
568 CVE-2006-5753 DoS +Priv 2007-01-30 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.
569 CVE-2006-5170 2006-10-10 2018-10-17
7.5
None Remote Low Not required Partial Partial Partial
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.
570 CVE-2006-0745 Exec Code Bypass 2006-03-21 2018-10-19
7.2
None Local Low Not required Complete Complete Complete
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile.
571 CVE-2006-0453 DoS 2006-02-14 2017-07-20
7.8
None Remote Low Not required None None Complete
The LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (crash) via a certain "bad BER sequence" that results in a free of uninitialized memory, as demonstrated using the ProtoVer LDAP test suite.
572 CVE-2005-4890 20 2019-11-04 2020-08-18
7.2
None Local Low Not required Complete Complete Complete
There is a possible tty hijacking in shadow 4.x before 4.1.5 and sudo 1.x before 1.7.4 via "su - user -c program". The user session can be escaped to the parent session by using the TIOCSTI ioctl to push characters into the input buffer to be read by the next process.
573 CVE-2005-3629 +Priv 2005-12-31 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors.
574 CVE-2005-1760 +Priv 2005-06-13 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.
575 CVE-2005-0754 Exec Code 2005-04-22 2016-10-18
7.5
None Remote Low Not required Partial Partial Partial
Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.
576 CVE-2005-0750 +Priv 2005-03-27 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.
577 CVE-2005-0699 Exec Code Overflow 2005-03-08 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.
578 CVE-2005-0605 Exec Code Overflow 2005-03-02 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
579 CVE-2005-0403 DoS 2005-09-01 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
init_dev in tty_io.c in the Red Hat backport of NPTL to Red Hat Enterprise Linux 3 does not properly clear controlling tty's in multi-threaded applications, which allows local users to cause a denial of service (crash) and possibly gain tty access via unknown attack vectors that trigger an access of a pointer to a freed structure.
580 CVE-2005-0373 Exec Code Overflow 2004-10-07 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
581 CVE-2005-0337 Bypass 2005-05-02 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
582 CVE-2005-0206 Overflow 2005-04-27 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
583 CVE-2005-0091 +Priv 2005-05-02 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.
584 CVE-2005-0086 DoS Exec Code Overflow 2005-05-02 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale.
585 CVE-2004-2771 20 Exec Code 2014-12-24 2019-12-27
7.5
None Remote Low Not required Partial Partial Partial
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
586 CVE-2004-1176 DoS Exec Code 2005-04-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
587 CVE-2004-1175 Exec Code 2005-04-14 2017-07-19
7.5
None Remote Low Not required Partial Partial Partial
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
588 CVE-2004-1158 2005-01-10 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Konqueror 3.x up to 3.2.2-6, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window or tab whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
589 CVE-2004-1072 DoS Exec Code Overflow 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
590 CVE-2004-1071 Exec Code 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
591 CVE-2004-1070 Exec Code 2005-01-10 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
592 CVE-2004-1057 DoS 2005-01-21 2017-10-11
7.2
None Local Low Not required Complete Complete Complete
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.
593 CVE-2004-1005 Overflow 2005-04-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
594 CVE-2004-1004 2005-04-14 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
595 CVE-2004-0986 2005-03-01 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
596 CVE-2004-0827 DoS Exec Code Overflow 2004-09-16 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
597 CVE-2004-0817 Exec Code Overflow 2004-12-31 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
598 CVE-2004-0803 Exec Code Overflow 2004-12-23 2017-10-11
7.5
None Remote Low Not required Partial Partial Partial
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
599 CVE-2004-0750 2004-10-20 2018-10-19
7.5
None Remote Low Not required Partial Partial Partial
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied.
600 CVE-2004-0642 415 Exec Code 2004-09-28 2021-02-02
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
Total number of vulnerabilities : 704   Page : 1 2 3 4 5 6 7 8 9 10 11 12 (This Page)13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.