CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

GNU : Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2010-0830 189 Exec Code 2010-06-01 2017-08-17
5.1
None Remote High Not required Partial Partial Partial
Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the GNU C Library (aka glibc or libc6) 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value for a certain d_tag structure member in the ELF header.
152 CVE-2009-5155 19 DoS 2019-02-26 2021-06-29
5.0
None Remote Low Not required None None Partial
In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.
153 CVE-2009-5138 264 Bypass 2014-03-07 2014-04-01
5.8
None Remote Medium Not required Partial Partial None
GnuTLS before 2.7.6, when the GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT flag is not enabled, treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates, a different vulnerability than CVE-2014-1959.
154 CVE-2009-4881 189 DoS Overflow 2010-06-01 2017-08-17
5.0
None Remote Low Not required None None Partial
Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted format string, as demonstrated by the %99999999999999999999n string, a related issue to CVE-2008-1391.
155 CVE-2009-4880 189 DoS Overflow 2010-06-01 2017-08-17
5.0
None Remote Low Not required None None Partial
Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.
156 CVE-2009-3555 310 2009-11-09 2021-02-05
5.8
None Remote Medium Not required None Partial Partial
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue.
157 CVE-2009-2409 310 2009-07-30 2018-10-10
5.1
None Remote High Not required Partial Partial Partial
The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large.
158 CVE-2009-1417 310 2009-04-30 2017-08-17
5.0
None Remote Low Not required None Partial None
gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup.
159 CVE-2008-1950 189 DoS 2008-05-21 2018-10-11
5.0
None Remote Low Not required None None Partial
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3.
160 CVE-2007-6613 119 DoS Exec Code Overflow 2008-01-03 2017-08-08
5.0
None Remote Low Not required None None Partial
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.
161 CVE-2007-6130 287 Bypass 2007-11-26 2011-03-08
5.0
None Remote Low Not required Partial None None
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote attackers to bypass intended access restrictions.
162 CVE-2007-1269 2007-03-06 2018-10-16
5.0
None Remote Low Not required None Partial None
GNUMail 1.1.2 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents GNUMail from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without detection.
163 CVE-2007-1263 2007-03-06 2018-10-16
5.0
None Remote Low Not required None Partial None
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection.
164 CVE-2006-7239 310 DoS 2010-05-24 2010-05-25
5.0
None Remote Low Not required None None Partial
The _gnutls_x509_oid2mac_algorithm function in lib/gnutls_algorithms.c in GnuTLS before 1.4.2 allows remote attackers to cause a denial of service (crash) via a crafted X.509 certificate that uses a hash algorithm that is not supported by GnuTLS, which triggers a NULL pointer dereference.
165 CVE-2006-6719 DoS 2006-12-23 2017-10-19
5.0
None Remote Low Not required None None Partial
The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command.
166 CVE-2006-5864 119 Exec Code Overflow 2006-11-11 2018-10-17
5.1
None Remote High Not required Partial Partial Partial
Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the (1) DocumentMedia, (2) DocumentPaperSizes, and possibly (3) PageMedia and (4) PaperSize headers. NOTE: this issue can be exploited through other products that use gv such as evince.
167 CVE-2006-4790 2006-09-14 2017-10-11
5.0
None Remote Low Not required None Partial None
verify.c in GnuTLS before 1.4.4, when using an RSA key with exponent 3, does not properly handle excess data in the digestAlgorithm.parameters field when generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents GnuTLS from correctly verifying X.509 and other certificates that use PKCS, a variant of CVE-2006-4339.
168 CVE-2006-4146 119 Exec Code Overflow 2006-08-31 2017-10-11
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
169 CVE-2006-2941 DoS 2006-09-06 2017-10-11
5.0
None Remote Low Not required None None Partial
Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving "standards-breaking RFC 2231 formatted headers".
170 CVE-2006-0300 DoS Exec Code Overflow 2006-02-24 2018-10-19
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in tar 1.14 through 1.15.90 allows user-assisted attackers to cause a denial of service (application crash) and possibly execute code via unspecified vectors involving PAX extended headers.
171 CVE-2006-0052 DoS 2006-03-31 2018-10-03
5.0
None Remote Low Not required None None Partial
The attachment scrubber (Scrubber.py) in Mailman 2.1.5 and earlier, when using Python's library email module 2.5, allows remote attackers to cause a denial of service (mailing list delivery failure) via a multipart MIME message with a single part that has two blank lines between the first boundary and the end boundary.
172 CVE-2006-0049 2006-03-13 2018-10-19
5.0
None Remote Low Not required None Partial None
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different vulnerability than CVE-2006-0455.
173 CVE-2005-3573 DoS 2005-11-16 2017-10-11
5.0
None Remote Low Not required None None Partial
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service (application crash).
174 CVE-2005-3123 Dir. Trav. 2005-10-30 2011-03-08
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".." and "//" sequences are removed.
175 CVE-2005-1849 DoS 2005-07-26 2018-10-19
5.0
None Remote Low Not required None None Partial
inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
176 CVE-2005-1522 DoS 2005-05-26 2008-09-05
5.0
None Remote Low Not required None None Partial
The imap4d server for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows authenticated remote users to cause a denial of service (CPU consumption) via a large range value in the FETCH command.
177 CVE-2005-1431 DoS 2005-05-03 2017-10-11
5.0
None Remote Low Not required None None Partial
The "record packet parsing" in GnuTLS 1.2 before 1.2.3 and 1.0 before 1.0.25 allows remote attackers to cause a denial of service, possibly related to padding bytes in gnutils_cipher.c.
178 CVE-2005-1228 Dir. Trav. 2005-05-02 2017-10-11
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file.
179 CVE-2005-0202 Dir. Trav. 2005-05-02 2017-10-11
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences.
180 CVE-2005-0080 2005-05-02 2016-10-18
5.0
None Remote Low Not required Partial None None
The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address.
181 CVE-2004-2460 DoS 2004-12-31 2017-07-11
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
182 CVE-2004-1702 DoS 2004-08-09 2017-07-11
5.0
None Remote Low Not required None None Partial
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
183 CVE-2004-1488 Exec Code 2005-04-27 2018-10-03
5.0
None Remote Low Not required None Partial None
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
184 CVE-2004-1487 Bypass 2005-04-27 2018-10-03
5.0
None Remote Low Not required None Partial None
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
185 CVE-2004-1186 DoS Overflow 2004-12-31 2018-10-19
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
186 CVE-2004-0849 DoS Overflow 2004-12-23 2017-07-11
5.0
None Remote Low Not required None None Partial
Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests.
187 CVE-2004-0576 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
188 CVE-2004-0412 2004-08-18 2017-07-11
5.0
None Remote Low Not required Partial None None
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
189 CVE-2004-0182 DoS 2004-06-01 2008-09-05
5.0
None Remote Low Not required None None Partial
Mailman before 2.0.13 allows remote attackers to cause a denial of service (crash) via an email message with an empty subject field.
190 CVE-2004-0131 DoS 2004-03-03 2017-10-10
5.0
None Remote Low Not required None None Partial
The rad_print_request function in logger.c for GNU Radius daemon (radiusd) before 1.2 allows remote attackers to cause a denial of service (crash) via a UDP packet with an Acct-Status-Type attribute without a value and no Acct-Session-Id attribute, which causes a null dereference.
191 CVE-2003-1232 Exec Code 2003-12-31 2011-03-08
5.1
None Remote High Not required Partial Partial Partial
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
192 CVE-2003-0991 DoS 2004-03-03 2017-10-10
5.0
None Remote Low Not required None None Partial
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
193 CVE-2003-0971 2003-12-15 2017-10-11
5.0
None Remote Low Not required Partial None None
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
194 CVE-2003-0853 DoS Exec Code Overflow 2003-11-17 2008-09-10
5.0
None Remote Low Not required None None Partial
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
195 CVE-2003-0795 20 DoS 2003-12-15 2016-10-18
5.0
None Remote Low Not required None None Partial
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
196 CVE-2002-1344 Dir. Trav. 2002-12-18 2018-10-19
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
197 CVE-2002-1265 DoS 2002-11-12 2017-10-10
5.0
None Remote Low Not required None None Partial
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
198 CVE-2002-1216 2002-10-28 2016-10-18
5.0
None Remote Low Not required None Partial None
GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary files via a symlink attack, as the result of a modification that effectively disabled the security check.
199 CVE-2002-1146 DoS Overflow 2002-10-11 2008-09-10
5.0
None Remote Low Not required None None Partial
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
200 CVE-2002-0399 Dir. Trav. 2002-10-10 2018-10-19
5.0
None Remote Low Not required None Partial None
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267.
Total number of vulnerabilities : 206   Page : 1 2 3 4 (This Page)5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.