CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

GNU : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0035 1997-05-29 2008-09-09
5.1
None Remote High Not required Partial Partial Partial
Race condition in signal handling routine in ftpd, allowing read/write arbitrary files.
2 CVE-1999-0216 DoS 1997-11-01 2008-09-09
5.0
None Remote Low Not required None None Partial
Denial of service of inetd on Linux through SYN and RST packets.
3 CVE-1999-0402 1999-01-02 2008-09-09
5.0
None Remote Low Not required Partial None None
wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.
4 CVE-2001-0072 2001-02-12 2017-10-10
5.0
None Remote Low Not required None Partial None
gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker to break the web of trust.
5 CVE-2001-0884 XSS +Info 2001-12-21 2017-10-10
5.1
None Remote High Not required Partial Partial Partial
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
6 CVE-2001-1377 DoS 2002-03-04 2018-10-30
5.0
None Remote Low Not required None None Partial
Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2.
7 CVE-2002-0399 Dir. Trav. 2002-10-10 2018-10-19
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
8 CVE-2002-1146 DoS Overflow 2002-10-11 2008-09-10
5.0
None Remote Low Not required None None Partial
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
9 CVE-2002-1216 2002-10-28 2016-10-18
5.0
None Remote Low Not required None Partial None
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
10 CVE-2002-1265 DoS 2002-11-12 2017-10-10
5.0
None Remote Low Not required None None Partial
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
11 CVE-2002-1344 Dir. Trav. 2002-12-18 2018-10-19
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
12 CVE-2003-0795 20 DoS 2003-12-15 2016-10-18
5.0
None Remote Low Not required None None Partial
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
13 CVE-2003-0853 DoS Exec Code Overflow 2003-11-17 2008-09-10
5.0
None Remote Low Not required None None Partial
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
14 CVE-2003-0971 2003-12-15 2017-10-11
5.0
None Remote Low Not required Partial None None
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
15 CVE-2003-0991 DoS 2004-03-03 2017-10-10
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
16 CVE-2003-1232 Exec Code 2003-12-31 2011-03-08
5.1
None Remote High Not required Partial Partial Partial
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
17 CVE-2004-0131 DoS 2004-03-03 2017-10-10
5.0
None Remote Low Not required None None Partial
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
18 CVE-2004-0182 DoS 2004-06-01 2008-09-05
5.0
None Remote Low Not required None None Partial
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
19 CVE-2004-0412 2004-08-18 2017-07-11
5.0
None Remote Low Not required Partial None None
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
20 CVE-2004-0576 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
21 CVE-2004-0849 DoS Overflow 2004-12-23 2017-07-11
5.0
None Remote Low Not required None None Partial
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
22 CVE-2004-1186 DoS Overflow 2004-12-31 2018-10-19
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
23 CVE-2004-1487 Bypass 2005-04-27 2018-10-03
5.0
None Remote Low Not required None Partial None
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
24 CVE-2004-1488 Exec Code 2005-04-27 2018-10-03
5.0
None Remote Low Not required None Partial None
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
25 CVE-2004-1702 DoS 2004-08-09 2017-07-11
5.0
None Remote Low Not required None None Partial
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
26 CVE-2004-2460 DoS 2004-12-31 2017-07-11
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
27 CVE-2005-0080 2005-05-02 2016-10-18
5.0
None Remote Low Not required Partial None None
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address.
28 CVE-2005-0202 Dir. Trav. 2005-05-02 2017-10-11
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
29 CVE-2005-1228 Dir. Trav. 2005-05-02 2017-10-11
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
30 CVE-2005-1431 DoS 2005-05-03 2017-10-11
5.0
None Remote Low Not required None None Partial
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
31 CVE-2005-1522 DoS 2005-05-26 2008-09-05
5.0
None Remote Low Not required None None Partial
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
32 CVE-2005-1849 DoS 2005-07-26 2018-10-19
5.0
None Remote Low Not required None None Partial
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
33 CVE-2005-3123 Dir. Trav. 2005-10-30 2011-03-08
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
34 CVE-2005-3573 DoS 2005-11-16 2017-10-11
5.0
None Remote Low Not required None None Partial
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
35 CVE-2006-0049 2006-03-13 2018-10-19
5.0
None Remote Low Not required None Partial None
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
36 CVE-2006-0052 DoS 2006-03-31 2018-10-03
5.0
None Remote Low Not required None None Partial
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
37 CVE-2006-0300 DoS Exec Code Overflow 2006-02-24 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
38 CVE-2006-2941 DoS 2006-09-06 2017-10-11
5.0
None Remote Low Not required None None Partial
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers".
39 CVE-2006-4146 119 Exec Code Overflow 2006-08-31 2017-10-11
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
40 CVE-2006-4790 2006-09-14 2017-10-11
5.0
None Remote Low Not required None Partial None
verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.
41 CVE-2006-5864 119 Exec Code Overflow 2006-11-11 2018-10-17
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
42 CVE-2006-6719 DoS 2006-12-23 2017-10-19
5.0
None Remote Low Not required None None Partial
The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.
43 CVE-2006-7239 310 DoS 2010-05-24 2010-05-25
5.0
None Remote Low Not required None None Partial
The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not supported by GnuTLS, which triggers a NULL pointer dereference.
44 CVE-2007-1263 2007-03-06 2018-10-16
5.0
None Remote Low Not required None Partial None
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.
45 CVE-2007-1269 2007-03-06 2018-10-16
5.0
None Remote Low Not required None Partial None
GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
46 CVE-2007-6130 287 Bypass 2007-11-26 2011-03-08
5.0
None Remote Low Not required Partial None None
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.
47 CVE-2007-6613 119 DoS Exec Code Overflow 2008-01-03 2017-08-08
5.0
None Remote Low Not required None None Partial
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.
48 CVE-2008-1950 189 DoS 2008-05-21 2018-10-11
5.0
None Remote Low Not required None None Partial
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3.
49 CVE-2009-1417 310 2009-04-30 2017-08-17
5.0
None Remote Low Not required None Partial None
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.
50 CVE-2009-2409 310 2009-07-30 2018-10-10
5.1
None Remote High Not required Partial Partial Partial
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
Total number of vulnerabilities : 206   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.