cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.27 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:redhat:enterprise_linux:3.0::workstation_server cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:linux:linux_kernel:2.4.28 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:trustix:secure_linux:2.1 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.2.7 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:trustix:secure_linux:2.2 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:redhat:enterprise_linux:3.0::advanced_server cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:redhat:enterprise_linux:4.0::workstation cpe:/o:linux:linux_kernel:2.6.4 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:trustix:secure_linux:2 cpe:/o:linux:linux_kernel:2.4.22 cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:linux:linux_kernel:2.4.26 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.29 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.4.25 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.15 CVE-2005-0001 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:19.967-04:00 6.9 LOCAL MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T14:09:00.000-04:00 ALLOWS_ADMIN_ACCESS FEDORA FLSA:2336 XF linux-fault-handler-gain-privileges(18849) TRUSTIX 2005-0001 BID 12244 REDHAT RHSA-2005:092 REDHAT RHSA-2005:043 REDHAT RHSA-2005:017 REDHAT RHSA-2005:016 DEBIAN DSA-1082 DEBIAN DSA-1070 DEBIAN DSA-1069 DEBIAN DSA-1067 SECTRACK 1012862 SECUNIA 20338 SECUNIA 20202 SECUNIA 20163 SECUNIA 13822 BUGTRAQ 20050114 [USN-60-0] Linux kernel vulnerabilities BUGTRAQ 20050112 Linux kernel i386 SMP page fault handler privilege escalation FULLDISC 20050112 Linux kernel i386 SMP page fault handler privilege escalation MISC http://isec.pl/vulnerabilities/isec-0022-pagefault.txt CONECTIVA CLA-2005:930 MANDRAKE MDKSA-2005:022 Race condition in the page fault handler (fault.c) for Linux kernel 2.2.x to 2.2.7, 2.4 to 2.4.29, and 2.6 to 2.6.10, when running on multiprocessor machines, allows local users to execute arbitrary code via concurrent threads that share the same virtual memory space and simultaneously request stack expansion. cpe:/a:gentoo:poppassd_pam:1.0 CVE-2005-0002 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:43.210-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T14:05:00.000-04:00 ALLOWS_ADMIN_ACCESS GENTOO GLSA-200501-22 SECTRACK 1012840 SECUNIA 13865 poppassd_pam 1.0 and earlier, when changing a user password, does not verify that the user entered the old password correctly, which allows remote attackers to change passwords for arbitrary users. cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64 cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64 cpe:/o:linux:linux_kernel:2.4.27 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:linux:linux_kernel:2.4.28 cpe:/o:linux:linux_kernel:2.4.24_ow1 cpe:/o:linux:linux_kernel:2.4.23:pre9 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.29:rc1 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.27:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:redhat:enterprise_linux:3.0::workstation cpe:/h:avaya:s8500:r2.0.1 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/h:avaya:s8710:r2.0.0 cpe:/o:linux:linux_kernel:2.4.29:rc2 cpe:/o:avaya:modular_messaging_message_storage_server:2.0 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.23_ow2 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/a:avaya:network_routing cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:mandrakesoft:mandrake_linux:10.1 cpe:/o:linux:linux_kernel:2.4.27:pre1 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.4.27:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.19 cpe:/h:avaya:s8300:r2.0.0 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.20 cpe:/h:avaya:converged_communications_server:2.0 cpe:/o:linux:linux_kernel:2.4.27:pre4 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.27:pre5 cpe:/a:avaya:mn100 cpe:/a:avaya:intuity_audix:::lx cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0 cpe:/o:linux:linux_kernel:2.4.22 cpe:/h:avaya:s8700:r2.0.1 cpe:/o:mandrakesoft:mandrake_linux:9.2 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:linux:linux_kernel:2.4.26 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:avaya:modular_messaging_message_storage_server:1.1 cpe:/o:mandrakesoft:mandrake_linux:10.0 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/h:avaya:s8500:r2.0.0 cpe:/o:linux:linux_kernel:2.4.25 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.15 cpe:/h:avaya:s8710:r2.0.1 cpe:/h:avaya:s8700:r2.0.0 cpe:/h:avaya:s8300:r2.0.1 CVE-2005-0003 2005-04-14T00:00:00.000-04:00 2010-08-21T00:25:20.187-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 12261 REDHAT RHSA-2005:043 XF linux-vma-gain-privileges(18886) TRUSTIX 2005-0001 REDHAT RHSA-2005:017 SUSE SUSE-SA:2005:018 DEBIAN DSA-1082 DEBIAN DSA-1070 DEBIAN DSA-1069 DEBIAN DSA-1067 SECTRACK 1012885 SECUNIA 20338 SECUNIA 20202 SECUNIA 20163 MISC http://linux.bkbits.net:8080/linux-2.6/cset@41a6721cce-LoPqkzKXudYby_3TUmg CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@41c36fb6q1Z68WUzKQFjJR-40Ev3tw MANDRAKE MDKSA-2005:022 The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. cpe:/o:redhat:linux:9.0::i386 cpe:/a:mysql:mysql:4.0.15 cpe:/a:mysql:mysql:4.0.8:gamma cpe:/o:debian:debian_linux:3.0::mips cpe:/a:mysql:mysql:4.0.21 cpe:/a:mysql:mysql:4.0.10 cpe:/o:debian:debian_linux:3.0::ia-32 cpe:/o:debian:debian_linux:3.0::s-390 cpe:/o:debian:debian_linux:3.0::alpha cpe:/a:mysql:mysql:4.0.11:gamma cpe:/o:debian:debian_linux:3.0::arm cpe:/a:mysql:mysql:4.0.9 cpe:/a:mysql:mysql:4.0.12 cpe:/o:gentoo:linux cpe:/o:debian:debian_linux:3.0::mipsel cpe:/a:mysql:mysql:4.0.3 cpe:/a:mysql:mysql:4.0.2 cpe:/a:mysql:mysql:4.1.3 cpe:/a:mysql:mysql:4.0.9:gamma cpe:/a:mysql:mysql:4.1.2:alpha cpe:/o:debian:debian_linux:3.0::ppc cpe:/o:debian:debian_linux:3.0::hppa cpe:/a:mysql:mysql:4.0.4 cpe:/o:redhat:linux:7.3::i386 cpe:/a:mysql:mysql:4.0.11 cpe:/a:mysql:mysql:4.0.7 cpe:/a:mysql:mysql:4.1.0:alpha cpe:/o:debian:debian_linux:3.0::m68k cpe:/a:mysql:mysql:4.0.6 cpe:/a:mysql:mysql:4.0.0 cpe:/a:mysql:mysql:4.0.5a cpe:/o:debian:debian_linux:3.0::ia-64 cpe:/a:mysql:mysql:4.0.18 cpe:/a:mysql:mysql:4.0.7:gamma cpe:/a:mysql:mysql:4.0.20 cpe:/a:mysql:mysql:4.1.4 cpe:/a:mysql:mysql:4.1.0.0 cpe:/a:mysql:mysql:4.1.3:beta cpe:/a:mysql:mysql:4.0.5 cpe:/a:mysql:mysql:4.0.14 cpe:/o:redhat:fedora_core:core_1.0 cpe:/o:debian:debian_linux:3.0::sparc cpe:/a:mysql:mysql:4.1.5 cpe:/a:mysql:mysql:4.0.1 cpe:/a:mysql:mysql:4.0.8 cpe:/a:mysql:mysql:4.0.13 CVE-2005-0004 2005-04-14T00:00:00.000-04:00 2008-09-10T15:34:44.570-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS BID 12277 DEBIAN DSA-647 SECUNIA 13867 XF mysql-mysqlaccess-symlink(18922) CONFIRM http://mysql.osuosl.org/doc/mysql/en/News-4.1.10.html BUGTRAQ 20050118 [USN-63-1] MySQL client vulnerability CONFIRM http://lists.mysql.com/internals/20600 CONECTIVA CLA-2005:947 MANDRAKE MDKSA-2005:036 SUNALERT 101864 The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. cpe:/o:debian:debian_linux:3.0::mips cpe:/a:imagemagick:imagemagick:6.2.0.4 cpe:/o:debian:debian_linux:3.0::s-390 cpe:/a:sgi:propack:3.0 cpe:/o:debian:debian_linux:3.0::alpha cpe:/o:gentoo:linux:0.5 cpe:/a:imagemagick:imagemagick:5.3.3 cpe:/a:imagemagick:imagemagick:6.0 cpe:/o:gentoo:linux:1.4:rc3 cpe:/a:imagemagick:imagemagick:6.1.7 cpe:/a:imagemagick:imagemagick:6.0.4 cpe:/o:debian:debian_linux:3.0::mipsel cpe:/a:imagemagick:imagemagick:6.0.2 cpe:/a:imagemagick:imagemagick:6.1.6 cpe:/a:imagemagick:imagemagick:6.0.8 cpe:/a:graphicsmagick:graphicsmagick:1.1 cpe:/o:debian:debian_linux:3.0::hppa cpe:/o:gentoo:linux:1.4:rc2 cpe:/a:graphicsmagick:graphicsmagick:1.1.4 cpe:/a:imagemagick:imagemagick:6.1.1.6 cpe:/a:graphicsmagick:graphicsmagick:1.0.6 cpe:/o:suse:suse_linux:8.0::i386 cpe:/o:suse:suse_linux:9.0 cpe:/o:suse:suse_linux:8.2 cpe:/a:imagemagick:imagemagick:6.1.4 cpe:/a:imagemagick:imagemagick:5.4.7 cpe:/a:imagemagick:imagemagick:6.2 cpe:/a:imagemagick:imagemagick:6.0.2.5 cpe:/o:gentoo:linux:1.2 cpe:/o:gentoo:linux:1.4:rc1 cpe:/o:debian:debian_linux:3.0::ia-32 cpe:/o:suse:suse_linux:8.1 cpe:/a:imagemagick:imagemagick:6.0.5 cpe:/a:imagemagick:imagemagick:6.0.1 cpe:/o:suse:suse_linux:9.2 cpe:/a:graphicsmagick:graphicsmagick:1.0 cpe:/a:graphicsmagick:graphicsmagick:1.1.3 cpe:/o:debian:debian_linux:3.0::arm cpe:/o:gentoo:linux:0.7 cpe:/o:suse:suse_linux:9.1 cpe:/a:imagemagick:imagemagick:6.2.0.7 cpe:/o:debian:debian_linux:3.0::ppc cpe:/a:imagemagick:imagemagick:6.1.3 cpe:/a:imagemagick:imagemagick:6.0.6 cpe:/o:debian:debian_linux:3.0::m68k cpe:/a:imagemagick:imagemagick:6.1 cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:suse:suse_linux:8.0 cpe:/a:imagemagick:imagemagick:6.1.2 cpe:/o:debian:debian_linux:3.0::ia-64 cpe:/a:imagemagick:imagemagick:6.0.3 cpe:/a:imagemagick:imagemagick:6.0.7 cpe:/o:gentoo:linux:1.1a cpe:/o:debian:debian_linux:3.0::sparc cpe:/o:gentoo:linux:1.4 cpe:/a:imagemagick:imagemagick:5.4.3 cpe:/a:imagemagick:imagemagick:6.1.5 CVE-2005-0005 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:20.497-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T14:36:00.000-04:00 ALLOWS_USER_ACCESS REDHAT RHSA-2005:071 DEBIAN DSA-646 IDEFENSE 20050117 Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability GENTOO GLSA-200501-37 BUGTRAQ 20050118 [USN-62-1] imagemagick vulnerability REDHAT RHSA-2005:070 Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.10.7 CVE-2005-0006 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:20.937-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T14:11:00.000-04:00 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html SECUNIA 13946 XF ethereal-cops-dos(18999) REDHAT RHSA-2005:037 GENTOO GLSA-200501-27 CIAC P-106 BID 12326 REDHAT RHSA-2005:011 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 The COPS dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (infinite loop). cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.10.7 CVE-2005-0007 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:21.060-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T14:20:00.000-04:00 XF ethereal-dlsw-dos(19000) SECUNIA 13946 REDHAT RHSA-2005:037 GENTOO GLSA-200501-27 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html CIAC P-106 BID 12326 REDHAT RHSA-2005:011 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash from assertion). cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.10.5 cpe:/a:ethereal_group:ethereal:0.10.7 CVE-2005-0008 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:21.187-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-05-13T14:18:00.000-04:00 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html XF ethereal-dnp-memory-corruption(19001) REDHAT RHSA-2005:037 GENTOO GLSA-200501-27 CIAC P-106 SECUNIA 13946 BID 12326 REDHAT RHSA-2005:011 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 Unknown vulnerability in the DNP dissector in Ethereal 0.10.5 through 0.10.8 allows remote attackers to cause "memory corruption." cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.10.7 CVE-2005-0009 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:21.310-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T14:21:00.000-04:00 GENTOO GLSA-200501-27 SECUNIA 13946 XF ethereal-gnutella-dos(19002) REDHAT RHSA-2005:037 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html CIAC P-106 BID 12326 REDHAT RHSA-2005:011 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 Unknown vulnerability in the Gnutella dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service (application crash). cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.10.4 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.10.5 cpe:/a:ethereal_group:ethereal:0.10.7 CVE-2005-0010 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:21.467-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T14:28:00.000-04:00 XF ethereal-mmse-free-memory(19003) SECUNIA 13946 REDHAT RHSA-2005:037 GENTOO GLSA-200501-27 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html CIAC P-106 BID 12326 REDHAT RHSA-2005:011 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 Unknown vulnerability in the MMSE dissector in Ethereal 0.10.4 through 0.10.8 allows remote attackers to cause a denial of service by triggering a free of statically allocated memory. cpe:/o:kde:kde:3.3.2 cpe:/o:kde:kde:3.3 cpe:/o:kde:kde:3.3.1 CVE-2005-0011 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:05.077-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T14:24:00.000-04:00 ALLOWS_ADMIN_ACCESS CONFIRM http://www.kde.org/info/security/advisory-20050215-1.txt SECUNIA 14306 FEDORA FEDORA-2005-148 GENTOO GLSA-200502-23 Multiple vulnerabilities in fliccd, when installed setuid root as part of the kdeedu Kstars support for Instrument Neutral Distributed Interface (INDI) in KDE 3.3 to 3.3.2, allow local users and remote attackers to execute arbitrary code via stack-based buffer overflows. cpe:/a:dillo:dillo_web_browser:0.5.1 cpe:/a:dillo:dillo_web_browser:0.7 cpe:/a:dillo:dillo_web_browser:0.8.3 cpe:/a:dillo:dillo_web_browser:0.6.2 cpe:/a:dillo:dillo_web_browser:0.7.1 cpe:/a:dillo:dillo_web_browser:0.8.2 cpe:/a:dillo:dillo_web_browser:0.2.4 cpe:/a:dillo:dillo_web_browser:0.7.3 cpe:/a:dillo:dillo_web_browser:0.6 cpe:/a:dillo:dillo_web_browser:0.4 cpe:/a:dillo:dillo_web_browser:0.8.1 cpe:/a:dillo:dillo_web_browser:0.3.1 cpe:/a:dillo:dillo_web_browser:0.7.1.2 cpe:/a:dillo:dillo_web_browser:0.8 cpe:/a:dillo:dillo_web_browser:0.2.3 cpe:/a:dillo:dillo_web_browser:0.3 cpe:/a:dillo:dillo_web_browser:0.6.3 cpe:/a:dillo:dillo_web_browser:0.6.1 cpe:/a:dillo:dillo_web_browser:0.6.4 cpe:/a:dillo:dillo_web_browser:0.6.6 cpe:/a:dillo:dillo_web_browser:0.7.2 cpe:/a:dillo:dillo_web_browser:0.2 cpe:/a:dillo:dillo_web_browser:0.2.1 cpe:/a:dillo:dillo_web_browser:0.2.2 cpe:/a:dillo:dillo_web_browser:0.6.5 CVE-2005-0012 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:05.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T14:27:00.000-04:00 ALLOWS_USER_ACCESS BID 12203 XF dillo-capi-format-string(18807) GENTOO GLSA-200501-11 SECUNIA 13760 SECUNIA 13764 Format string vulnerability in the a_Interface_msg function in Dillo before 0.8.3-r4 allows remote attackers to execute arbitrary code via format string specifiers in a web page. cpe:/a:ncpfs:ncpfs:2.2.1 cpe:/a:ncpfs:ncpfs:2.2.4 cpe:/a:ncpfs:ncpfs:2.2.3 cpe:/a:ncpfs:ncpfs:2.2.2 cpe:/a:ncpfs:ncpfs:2.2.5 CVE-2005-0013 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:45.617-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T14:35:00.000-04:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-665 GENTOO GLSA-200501-44 CONFIRM ftp://platan.vc.cvut.cz/pub/linux/ncpfs/Changes-2.2.6 BID 12400 FEDORA FLSA:152904 REDHAT RHSA-2005:371 OSVDB 13297 MANDRAKE MDKSA-2005:028 SECTRACK 1013019 nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges. cpe:/a:ncpfs:ncpfs:2.2.1 cpe:/a:ncpfs:ncpfs:2.2.4 cpe:/a:ncpfs:ncpfs:2.2.3 cpe:/a:ncpfs:ncpfs:2.2.2 cpe:/a:ncpfs:ncpfs:2.2.5 CVE-2005-0014 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:45.680-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T14:34:00.000-04:00 ALLOWS_USER_ACCESS GENTOO GLSA-200501-44 CONFIRM ftp://platan.vc.cvut.cz/pub/linux/ncpfs/Changes-2.2.6 BID 12400 FEDORA FLSA:152904 OSVDB 13298 MANDRAKE MDKSA-2005:028 SECTRACK 1013019 Buffer overflow in ncplogin in ncpfs before 2.2.6 allows remote malicious NetWare servers to execute arbitrary code on the NetWare client. cpe:/a:crosswire_bible_society:sword:1.5.7a CVE-2005-0015 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:45.743-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T14:42:00.000-04:00 ALLOWS_USER_ACCESS DEBIAN DSA-650 XF sword-diatheke-command-execution(18997) SECTRACK 1012955 SECUNIA 13897 BID 12320 SECUNIA 13941 diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. cpe:/a:gatos:gatos:0.0.5 CVE-2005-0016 2005-04-14T00:00:00.000-04:00 2008-09-05T16:45:05.950-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-640 SECUNIA 13884 XF gatos-xatitv-bo(18930) Buffer overflow in the exported_display function in xatitv in gatos before 0.0.5 allows local users to execute arbitrary code. CVE-2005-0017 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:06.107-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-13T14:41:00.000-04:00 DEBIAN DSA-661 GENTOO GLSA-200501-43 BID 12380 SECTRACK 1013028 SECUNIA 14067 SECUNIA 14052 SECUNIA 14041 The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files. cpe:/a:f2c_open_source_project:f2c_translator:3.1 CVE-2005-0018 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:06.263-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-13T14:50:00.000-04:00 BID 12380 DEBIAN DSA-661 SECTRACK 1013028 SECUNIA 14052 SECUNIA 14041 The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a symlink attack on temporary files. cpe:/a:yongguang_zhang:hztty:2.0 CVE-2005-0019 2005-04-27T00:00:00.000-04:00 2008-09-05T16:45:06.417-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 12518 DEBIAN DSA-675 XF hztty-command-execution(19297) SECTRACK 1013154 SECUNIA 14236 Unknown vulnerability in hztty 2.0 and earlier allows local users to execute arbitrary commands. cpe:/o:mandrakesoft:mandrake_linux:10.1 cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64 cpe:/a:playmidi:playmidi:2.3.9 cpe:/a:playmidi:playmidi:2.3.7 cpe:/a:playmidi:playmidi:2.3.6 cpe:/a:playmidi:playmidi:2.3.4 cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64 cpe:/a:playmidi:playmidi:2.3.16 cpe:/a:playmidi:playmidi:2.3.19 cpe:/a:playmidi:playmidi:2.3.20 cpe:/a:playmidi:playmidi:2.3.3 cpe:/a:playmidi:playmidi:2.3.14 cpe:/a:playmidi:playmidi:2.3.13 cpe:/a:playmidi:playmidi:2.3.22 cpe:/a:playmidi:playmidi:2.3.24 cpe:/a:playmidi:playmidi:2.3.26 cpe:/a:playmidi:playmidi:2.3.2 cpe:/a:playmidi:playmidi:2.3.12 cpe:/a:playmidi:playmidi:2.3.23 cpe:/a:playmidi:playmidi:2.3.18 cpe:/a:playmidi:playmidi:2.3.11 cpe:/a:playmidi:playmidi:2.3.10 cpe:/a:playmidi:playmidi:2.3.25 cpe:/a:playmidi:playmidi:2.3.25.1 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0 cpe:/a:playmidi:playmidi:2.3.17 cpe:/a:playmidi:playmidi:2.3.15 cpe:/a:playmidi:playmidi:2.3.1 cpe:/o:mandrakesoft:mandrake_linux:10.0 cpe:/a:playmidi:playmidi:2.3.8 cpe:/a:playmidi:playmidi:2.3.5 cpe:/a:playmidi:playmidi:2.3.21 CVE-2005-0020 2005-04-14T00:00:00.000-04:00 2008-09-10T15:34:46.103-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-641 XF playmidi-bo(18933) BID 12274 OSVDB 13049 MANDRAKE MDKSA-2005:010 SECTRACK 1012957 SECUNIA 13898 SECUNIA 13890 SECUNIA 13828 Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code. cpe:/a:university_of_cambridge:exim:4.40 cpe:/a:university_of_cambridge:exim:4.41 cpe:/a:university_of_cambridge:exim:4.42 CVE-2005-0021 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:22.653-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T14:48:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#132992 REDHAT RHSA-2005:025 IDEFENSE 20050114 Exim dns_buld_reverse() Buffer Overflow Vulnerability IDEFENSE 20050107 Exim host_aton() Buffer Overflow Vulnerability MLIST [exim] 20050104 2 smallish security issues DEBIAN DSA-637 DEBIAN DSA-635 GENTOO GLSA-200501-23 CONFIRM http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44 Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function, or (2) the -bh command line option or dnsdb PTR lookup, which triggers an overflow in the dns_build_reverse function. cpe:/a:university_of_cambridge:exim:4.40 cpe:/a:university_of_cambridge:exim:4.41 cpe:/a:university_of_cambridge:exim:4.42 CVE-2005-0022 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:22.797-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T14:57:00.000-04:00 ALLOWS_USER_ACCESS REDHAT RHSA-2005:025 MLIST [exim] 20050104 2 smallish security issues IDEFENSE 20050107 Exim auth_spa_server() Buffer Overflow Vulnerability GENTOO GLSA-200501-23 BUGTRAQ 20050212 exim auth_spa_server() PoC exploit CONFIRM http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44 BID 12188 Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication. cpe:/a:gnome:libvte4 cpe:/a:gnome:libzvt2:1.4.2.19 CVE-2005-0023 2005-10-05T17:02:00.000-04:00 2011-03-07T21:19:27.267-05:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-10-06T14:34:00.000-04:00 XF libzvt-gnomeptyhelper-spoof(22496) VUPEN ADV-2005-1931 BID 15004 SECUNIA 17023 BUGTRAQ 20051007 gnome-pty-helper writes arbitrary utmp records MISC http://bugzilla.gnome.org/show_bug.cgi?id=317312 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330907 gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via a modified DISPLAY environment variable. NOTE: the severity of this issue has been disputed. cpe:/a:isc:bind:8.4.4 cpe:/a:isc:bind:8.4.5 CVE-2005-0033 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:07.293-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T15:01:00.000-04:00 CERT-VN VU#327633 MISC http://www.uniras.gov.uk/niscc/docs/al-20050125-00059.html CONFIRM http://www.isc.org/index.pl?/sw/bind/bind8.php CONFIRM http://www.isc.org/index.pl?/sw/bind/bind-security.php XF bind-qusedns-bo(19063) BID 12364 SECTRACK 1012996 SECUNIA 18291 SECUNIA 14009 SCO SCOSA-2006.1 Buffer overflow in the code for recursion and glue fetching in BIND 8.4.4 and 8.4.5 allows remote attackers to cause a denial of service (crash) via queries that trigger the overflow in the q_usedns array that tracks nameservers and addresses. cpe:/a:isc:bind:9.3.0 CVE-2005-0034 2005-05-02T00:00:00.000-04:00 2008-09-05T00:00:00.000-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-13T15:13:00.000-04:00 CERT-VN VU#938617 XF bind-named-dns-dos(19062) MISC http://www.uniras.gov.uk/niscc/docs/al-20050125-00060.html CONFIRM http://www.isc.org/index.pl?/sw/bind/bind-security.php TRUSTIX 2005-0003 BID 12365 CONFIRM http://www.isc.org/index.pl?/sw/bind/bind9.php SECTRACK 1012995 SECUNIA 14008 An "incorrect assumption" in the authvalidated validator function in BIND 9.3.0, when DNSSEC is enabled, allows remote attackers to cause a denial of service (named server exit) via crafted DNS packets that cause an internal consistency test (self-check) to fail. cpe:/a:adobe:acrobat_reader:4.5 cpe:/a:adobe:acrobat_reader:7.0 cpe:/a:adobe:acrobat_reader:6.0.3 cpe:/a:adobe:acrobat_reader:5.0.5 cpe:/a:adobe:acrobat_reader:6.0.2 cpe:/a:adobe:acrobat_reader:6.0 cpe:/a:adobe:acrobat_reader:5.0 cpe:/a:adobe:acrobat_reader:5.1 cpe:/a:adobe:acrobat_reader:6.0.1 CVE-2005-0035 2005-05-02T00:00:00.000-04:00 2011-03-07T21:19:27.673-05:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:31:00.000-04:00 ALLOWS_OTHER_ACCESS VUPEN ADV-2005-0310 MISC http://www.niscc.gov.uk/niscc/docs/re-20050401-00264.pdf MISC http://www.hyperdose.com/advisories/H2005-06.txt CONFIRM http://www.adobe.com/support/techdocs/331465.html BID 12989 OSVDB 15242 SECUNIA 14813 The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method. cpe:/a:delegate:delegate:8.9.5 cpe:/a:delegate:delegate:7.8.2 cpe:/a:delegate:delegate:8.3.4 cpe:/a:delegate:delegate:8.9.6 cpe:/a:etl:delegate:5.9 cpe:/a:delegate:delegate:8.3.3 cpe:/a:delegate:delegate:7.7.1 cpe:/a:delegate:delegate:8.9.4 cpe:/a:delegate:delegate:7.8.1 cpe:/a:delegate:delegate:8.10.1 cpe:/a:delegate:delegate:8.9.1 cpe:/a:delegate:delegate:8.5.0 cpe:/a:delegate:delegate:7.7.0 cpe:/a:delegate:delegate:5.9.3 cpe:/a:delegate:delegate:8.4.0 cpe:/a:etl:delegate:6.0 cpe:/a:delegate:delegate:7.9.11 cpe:/a:delegate:delegate:8.10 cpe:/a:delegate:delegate:8.9.3 cpe:/a:delegate:delegate:8.9 cpe:/a:delegate:delegate:8.10.2 cpe:/a:delegate:delegate:8.9.2 cpe:/a:delegate:delegate:7.8.0 CVE-2005-0036 2005-12-31T00:00:00.000-05:00 2008-09-05T16:45:07.777-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-04-28T13:39:00.000-04:00 MISC http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en MISC http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html BID 13729 OSVDB 25291 The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. cpe:/a:dnrd:dnrd:1.4 cpe:/a:dnrd:dnrd:2.4 cpe:/a:dnrd:dnrd:1.1 cpe:/a:dnrd:dnrd:2.1 cpe:/a:dnrd:dnrd:2.8 cpe:/a:dnrd:dnrd:2.3 cpe:/a:dnrd:dnrd:1.2 cpe:/a:dnrd:dnrd:2.7 cpe:/a:dnrd:dnrd:2.0 cpe:/a:dnrd:dnrd:2.5 cpe:/a:dnrd:dnrd:1.0 cpe:/a:dnrd:dnrd:1.3 cpe:/a:dnrd:dnrd:2.9 cpe:/a:dnrd:dnrd:2.6 cpe:/a:dnrd:dnrd:2.2 CVE-2005-0037 2005-12-31T00:00:00.000-05:00 2008-09-05T16:45:08.060-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-04-28T13:43:00.000-04:00 MISC http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html BID 13729 OSVDB 25291 MISC http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en The DNS implementation of DNRD before 2.10 allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. cpe:/a:powerdns:powerdns:2.9.7 cpe:/a:powerdns:powerdns:2.9.0 cpe:/a:powerdns:powerdns:2.9.16 cpe:/a:powerdns:powerdns:2.9.8 cpe:/a:powerdns:powerdns:2.9.12 cpe:/a:powerdns:powerdns:2.9.13 cpe:/a:powerdns:powerdns:2.9.3a cpe:/a:powerdns:powerdns:2.9.10 cpe:/a:powerdns:powerdns:2.9.14 cpe:/a:powerdns:powerdns:2.0_rc1 cpe:/a:powerdns:powerdns:2.8 cpe:/a:powerdns:powerdns:2.9.11 cpe:/a:powerdns:powerdns:2.9.5 cpe:/a:powerdns:powerdns:2.9.2 cpe:/a:powerdns:powerdns:2.9.1 cpe:/a:powerdns:powerdns:2.9.15 cpe:/a:powerdns:powerdns:2.9.4 cpe:/a:powerdns:powerdns:2.9.6 CVE-2005-0038 2005-12-31T00:00:00.000-05:00 2008-09-05T16:45:08.247-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-04-28T13:46:00.000-04:00 MISC http://www.niscc.gov.uk/niscc/docs/al-20050524-00433.html BID 13729 OSVDB 25291 MISC http://www.niscc.gov.uk/niscc/docs/re-20050524-00432.pdf?lang=en The DNS implementation of PowerDNS 2.9.16 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. cpe:/a:nissc:ipsec:1.0 CVE-2005-0039 2005-05-10T00:00:00.000-04:00 2011-03-07T21:19:27.923-05:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2005-05-12T14:12:00.000-04:00 CERT-VN VU#302220 VUPEN ADV-2005-2806 VUPEN ADV-2005-0507 HP SSRT5957 MISC http://www.niscc.gov.uk/niscc/docs/al-20050509-00386.html?lang=en BID 13562 HP HPSBTU01217 SECTRACK 1015320 SECUNIA 17938 BUGTRAQ 20050509 NISCC Vulnerability Advisory IPSEC - 004033 Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address. cpe:/a:dotnetnuke:dotnetnuke:3.0.11 CVE-2005-0040 2005-05-19T00:00:00.000-04:00 2008-09-05T16:45:08.590-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-05-26T11:49:00.000-04:00 MISC http://www.woany.co.uk/advisories/dotnetnukexss.txt SECUNIA 15397 BUGTRAQ 20050516 DotNetNuke (Multiple XSS) BID 13647 BID 13646 BID 13644 Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page, (2) User-Agent, or (3) Username, which is not properly quoted before sending to the error log. cpe:/a:apple:itunes:4.7 CVE-2005-0043 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:08.747-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:19:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#377368 IDEFENSE 20050113 Apple iTunes Playlist Parsing Buffer Overflow Vulnerability APPLE APPLE-SA-2005-01-11 XF itunes-m3u-pls-bo(18851) BID 12238 OSVDB 12833 SECTRACK 1012839 SECUNIA 13804 Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files. cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/a:microsoft:exchange_server:5.0 cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0044 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:49.367-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:26:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#927889 CERT TA05-039A MS MS05-012 XF win-ole-code-execution(19109) The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0045 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:49.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:32:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#652537 XF win-smb-code-execution(19089) MS MS05-011 NTBUGTRAQ 20050209 EEYE: Windows SMB Client Transaction Response Handling Vulnerability BUGTRAQ 20050309 Update: MS05-011 EEYE: Windows SMB Client Transaction Response Handling Vulnerability BUGTRAQ 20050209 EEYE: Windows SMB Client Transaction Response Handling Vulnerability BID 12484 The Server Message Block (SMB) implementation for Windows NT 4.0, 2000, XP, and Server 2003 does not properly validate certain SMB packets, which allows remote attackers to execute arbitrary code via Transaction responses containing (1) Trans or (2) Trans2 commands, aka the "Server Message Block Vulnerability," and as demonstrated using Trans2 FIND_FIRST2 responses with large file name length fields. cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0047 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:49.617-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T15:36:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT TA05-039A CERT-VN VU#597889 MS MS05-012 XF win-com-gain-privileges(19105) MISC http://www.argeniss.com/research/SSExploit.c BUGTRAQ 20050530 [Argeniss] MS05-012 Exploit Windows 2000, XP, and Server 2003 does not properly "validate the use of memory regions" for COM structured storage files, which allows attackers to execute arbitrary code, aka the "COM Structured Storage Vulnerability." cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp1:embedded cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_xp:::embedded cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0048 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.353-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:40:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-102A CERT-VN VU#233754 MS MS05-019 ISS 20050412 Windows IP Options Remote Compromise Microsoft Windows XP SP2 and earlier, 2000 SP3 and SP4, Server 2003, and older operating systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IP packets with malformed options, aka the "IP Validation Vulnerability." cpe:/a:microsoft:sharepoint_portal_server:2003 cpe:/a:microsoft:sharepoint_team_services cpe:/a:microsoft:sharepoint_portal_server:2003:sp1 CVE-2005-0049 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:09.933-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-05-13T15:46:00.000-04:00 CERT TA05-039A CERT-VN VU#340409 MS MS05-006 XF win-sharepoint-services-xss(19091) Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache. cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2003_server:2003::small_business_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_2003_server:2000::small_business_server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0050 2005-05-02T00:00:00.000-04:00 2009-04-03T00:00:00.000-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T15:50:00.000-04:00 CERT TA05-039A CERT-VN VU#130433 MS MS05-010 XF win-license-code-execution(19101) The License Logging service for Windows NT Server, Windows 2000 Server, and Windows Server 2003 does not properly validate the length of messages, which leads to an "unchecked buffer" and allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, aka the "License Logging Service Vulnerability." cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2005-0051 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.557-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:51:00.000-04:00 ALLOWS_OTHER_ACCESS CERT TA05-039A CERT-VN VU#939074 MS MS05-007 XF win-named-pipe-information-disclosure(19093) BID 12486 SECTRACK 1013112 SECUNIA 14189 The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability." cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/a:microsoft:ie:5.0.1:sp4 cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.5 cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/a:microsoft:ie:5.0.1 cpe:/o:microsoft:windows_2000:::professional cpe:/a:microsoft:ie:6.0:sp1 cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5:sp2 cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/a:microsoft:ie:6.0:sp2 cpe:/o:microsoft:windows_2000::sp1:server cpe:/a:microsoft:ie:5.5:sp1 cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/a:microsoft:ie:6.0 cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0053 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T15:58:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#698835 XF ie-dragdrop-gain-privileges(19117) BID 11466 MS MS05-014 MS MS05-008 Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability." cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6:windows_server_2003_sp1 cpe:/a:microsoft:ie:5.01 CVE-2005-0054 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.697-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T16:00:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#580299 MS MS05-014 BUGTRAQ 20050209 Internet Explorer zone spoofing with encoded URLs XF ie-file-url-encode(19214) Internet Explorer 5.01, 5.5, and 6 allows remote attackers to spoof a less restrictive security zone and execute arbitrary code via an HTML page containing URLs that contain hostnames that have been double hex encoded, which are decoded twice to generate a malicious hostname, aka the "URL Decoding Zone Spoofing Vulnerability." cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp4 cpe:/a:microsoft:ie:6.0:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:6.0:sp1 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 CVE-2005-0055 2005-05-02T00:00:00.000-04:00 2008-12-06T00:34:18.830-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T16:09:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#843771 MS MS05-014 XF ie-cdf-execute-code(19137) SECTRACK 1013125 Internet Explorer 5.01, 5.5, and 6 does not properly validate buffers when handling certain DHTML methods including the createControlRange Javascript function, which allows remote attackers to execute arbitrary code, aka the "DHTML Method Heap Memory Corruption Vulnerability." cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6:windows_server_2003_sp1 cpe:/a:microsoft:ie:5.01 CVE-2005-0056 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.837-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T16:02:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#823971 BID 12427 MS MS05-014 XF ie-cdf-execute-code(19137) SECTRACK 1013126 Internet Explorer 5.01, 5.5, and 6 does not properly validate certain URLs in Channel Definition Format (CDF) files, which allows remote attackers to obtain sensitive information or execute arbitrary code, aka the "Channel Definition Format (CDF) Cross Domain Vulnerability." cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0057 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:50.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T16:13:00.000-04:00 ALLOWS_USER_ACCESS CERT TA05-039A CERT-VN VU#820427 MS MS05-015 XF win-hyperlink-code-execution(19110) BID 12479 SECTRACK 1013119 SECUNIA 14195 The Hyperlink Object Library for Windows 98, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a crafted link that triggers an "unchecked buffer" in the library, possibly due to a buffer overflow. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_xp::gold cpe:/o:microsoft:windows_98se CVE-2005-0058 2005-08-10T00:00:00.000-04:00 2008-09-10T15:34:50.993-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-08-10T07:34:00.000-04:00 ALLOWS_USER_ACCESS MS MS05-040 SECUNIA 16354 BID 14518 SECTRACK 1014639 Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers elevate privileges or execute arbitrary code via a crafted message. cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp1:embedded cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_xp:::embedded cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0059 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:51.057-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T16:18:00.000-04:00 ALLOWS_ADMIN_ACCESS MS MS05-017 Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message. cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0060 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:51.133-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T16:23:00.000-04:00 ALLOWS_ADMIN_ACCESS MS MS05-018 MISC http://www.ngssoftware.com/advisories/ms-01.txt BUGTRAQ 20050413 Windows kernel overflow fixed Buffer overflow in the font processing component of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application. cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0061 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:51.197-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-13T16:29:00.000-04:00 ALLOWS_ADMIN_ACCESS MS MS05-018 The kernel of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via certain access requests. cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp4:server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_xp::sp2:home cpe:/o:microsoft:windows_xp::sp2:media_center cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp4:datacenter_server cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_xp::sp2:tablet_pc cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000::sp4:professional cpe:/o:microsoft:windows_xp::sp1:media_center cpe:/o:microsoft:windows_2000::sp4:advanced_server CVE-2005-0063 2005-05-02T00:00:00.000-04:00 2011-03-07T21:19:29.330-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-13T16:34:00.000-04:00 ALLOWS_USER_ACCESS MS MS05-016 IDEFENSE 20050412 Microsoft MSHTA Script Execution Vulnerability VUPEN ADV-2005-0335 MISC http://www.securiteam.com/exploits/5YP0T0AFFW.html BID 13132 BUGTRAQ 20050529 Spam exploiting MS05-016 The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), as demonstrated using a Microsoft Word document. cpe:/a:xpdf:xpdf:0.93 cpe:/a:xpdf:xpdf:0.92b cpe:/a:xpdf:xpdf:1.1 cpe:/a:xpdf:xpdf:0.7 cpe:/a:xpdf:xpdf:1.0 cpe:/a:xpdf:xpdf:0.90 cpe:/a:xpdf:xpdf:0.4 cpe:/a:xpdf:xpdf:0.92a cpe:/a:xpdf:xpdf:0.7a cpe:/a:xpdf:xpdf:3.0 cpe:/a:xpdf:xpdf:0.91a cpe:/a:xpdf:xpdf:2.2 cpe:/a:xpdf:xpdf:0.93b cpe:/a:xpdf:xpdf:0.5a cpe:/a:xpdf:xpdf:0.91c cpe:/a:xpdf:xpdf:0.92d cpe:/a:xpdf:xpdf:2.0 cpe:/a:xpdf:xpdf:0.3 cpe:/a:xpdf:xpdf:2.1 cpe:/a:xpdf:xpdf:0.2 cpe:/a:xpdf:xpdf:1.0a cpe:/a:xpdf:xpdf:0.92e cpe:/a:xpdf:xpdf:0.93c cpe:/a:xpdf:xpdf:2.3 cpe:/a:xpdf:xpdf:0.80 cpe:/a:xpdf:xpdf:0.6 cpe:/a:xpdf:xpdf:0.93a cpe:/a:xpdf:xpdf:0.91b cpe:/a:xpdf:xpdf:0.92 cpe:/a:xpdf:xpdf:0.92c cpe:/a:xpdf:xpdf:0.5 cpe:/a:xpdf:xpdf:0.91 CVE-2005-0064 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:25.717-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T14:48:00.000-04:00 ALLOWS_USER_ACCESS FEDORA FLSA:2353 FEDORA FLSA:2352 TRUSTIX 2005-0003 REDHAT RHSA-2005:066 REDHAT RHSA-2005:059 REDHAT RHSA-2005:057 REDHAT RHSA-2005:053 REDHAT RHSA-2005:034 IDEFENSE 20050118 Multiple Unix/Linux Vendor Xpdf makeFileKey2 Stack Overflow GENTOO GLSA-200502-10 DEBIAN DSA-648 DEBIAN DSA-645 BUGTRAQ 20050119 [USN-64-1] xpdf, CUPS vulnerabilities CONECTIVA CLA-2005:921 CONFIRM ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.00pl3.patch REDHAT RHSA-2005:026 SECUNIA 17277 SCO SCOSA-2005.42 MANDRAKE MDKSA-2005:021 MANDRAKE MDKSA-2005:020 MANDRAKE MDKSA-2005:019 MANDRAKE MDKSA-2005:018 MANDRAKE MDKSA-2005:017 MANDRAKE MDKSA-2005:016 Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value. cpe:/a:tcp:tcp CVE-2005-0065 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:12.967-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-02T14:23:00.000-04:00 MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. cpe:/a:tcp:tcp CVE-2005-0066 2004-12-22T00:00:00.000-05:00 2008-09-05T16:45:13.120-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-02T14:35:00.000-04:00 MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP acknowledgement number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. cpe:/a:tcp:tcp CVE-2005-0067 2004-12-22T00:00:00.000-05:00 2008-09-05T16:45:13.277-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-02T14:40:00.000-04:00 MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. cpe:/a:tcp:tcp CVE-2005-0068 2004-12-22T00:00:00.000-05:00 2008-09-05T16:45:13.417-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-02T14:44:00.000-04:00 MISC http://www.gont.com.ar/drafts/icmp-attacks-against-tcp.html BID 13124 The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. cpe:/a:vim_development_group:vim:6.3.030 cpe:/a:vim_development_group:vim:6.3.025 cpe:/a:vim_development_group:vim:6.3.011 cpe:/a:vim_development_group:vim:6.3.044 CVE-2005-0069 2005-01-13T00:00:00.000-05:00 2010-08-21T00:25:26.187-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T15:01:00.000-04:00 XF vim-symlink(18870) REDHAT RHSA-2005:122 REDHAT RHSA-2005:036 SECUNIA 13841 BUGTRAQ 20050118 [USN-61-1] vim vulnerabilities FEDORA FLSA:2343 SECTRACK 1012938 The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. cpe:/a:synaesthesia:synaesthesia:2.1 CVE-2005-0070 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:13.747-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-02T14:56:00.000-04:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-681 BID 12546 SECTRACK 1013206 SECUNIA 14300 Synaesthesia 2.1 and earlier, and possibly other versions, when installed setuid root, does not drop privileges before processing configuration and mixer files, which allows local users to read arbitrary files. cpe:/a:vdr:vdr:1.0.0 cpe:/a:vdr:vdr:1.0.4 cpe:/a:vdr:vdr:1.2.5 cpe:/a:vdr:vdr:1.2.1 cpe:/a:vdr:vdr:1.2.2 cpe:/a:vdr:vdr:1.2.0 CVE-2005-0071 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:13.903-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-02T15:03:00.000-04:00 XF vdr-dvdapi-file-overwrite(19066) GENTOO GLSA-200501-42 DEBIAN DSA-656 BID 12356 SECUNIA 14066 SECUNIA 13995 SECUNIA 13930 vdr before 1.2.6 does not securely create files, which allows attackers to overwrite arbitrary files. cpe:/a:ejoy_and_hu_yong:zhcon:0.2 CVE-2005-0072 2005-01-24T00:00:00.000-05:00 2008-09-10T15:34:51.897-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-02T15:22:00.000-04:00 DEBIAN DSA-655 XF zhcon-information-disclosure(19045) BID 12343 MANDRAKE MDKSA-2005:012 SECTRACK 1012977 SECUNIA 13987 SECUNIA 13982 SECUNIA 13977 zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows local users to read arbitrary files. cpe:/a:debian:sympa:3.3.3 CVE-2005-0073 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:14.247-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T15:06:00.000-04:00 ALLOWS_USER_ACCESS DEBIAN DSA-677 SECTRACK 1013163 SECUNIA 14224 SECUNIA 14217 Buffer overflow in queue.c in a support script for sympa 3.3.3, when running setuid, allows local users to execute arbitrary code. cpe:/a:xpcd:xpcd:2.08 CVE-2005-0074 2005-02-11T00:00:00.000-05:00 2008-09-05T16:45:14.403-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-02T16:50:00.000-04:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-676 BID 12523 SECTRACK 1013162 SECUNIA 14250 SECUNIA 14248 Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code. cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.2.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.3 CVE-2005-0075 2005-01-29T00:00:00.000-05:00 2010-08-21T00:25:26.717-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-06T10:16:00.000-04:00 CONFIRM http://www.squirrelmail.org/security/issue/2005-01-14 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 SECUNIA 13962 APPLE APPLE-SA-2005-03-21 BUGTRAQ 20050129 SquirrelMail Security Advisory GENTOO GLSA-200501-39 prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. cpe:/o:debian:debian_linux:3.0 CVE-2005-0076 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:14.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-02T21:25:00.000-04:00 ALLOWS_ADMIN_ACCESS XF xview-xvparseone-bo(19271) DEBIAN DSA-672 Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library. cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:gentoo:linux cpe:/o:debian:debian_linux:3.0::woody cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:ubuntu:ubuntu_linux:4.10 cpe:/o:redhat:enterprise_linux:4.0::workstation CVE-2005-0077 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:26.937-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-02T22:05:00.000-04:00 XF dbi-library-file-overwrite(19068) REDHAT RHSA-2005:072 GENTOO GLSA-200501-38 DEBIAN DSA-658 BUGTRAQ 20050125 [USN-70-1] Perl DBI module vulnerability BID 12360 FEDORA FLSA-2006:178989 MANDRAKE MDKSA-2005:030 SECTRACK 1013007 SECUNIA 14050 SECUNIA 14015 The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. cpe:/o:kde:kde:1.1.2 cpe:/o:kde:kde:2.2 cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/o:kde:kde:3.0.3 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:kde:kde:2.0 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:kde:kde:2.2_beta1 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:kde:kde:2.1 cpe:/o:kde:kde:1.1 cpe:/o:redhat:enterprise_linux:3.0::workstation cpe:/o:kde:kde:3.0.4 cpe:/o:debian:debian_linux:3.0::woody cpe:/o:kde:kde:3.0.2 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:kde:kde:3.0_beta_1 cpe:/o:kde:kde:2.2.1 cpe:/o:kde:kde:2.1_beta1 cpe:/o:kde:kde:2.1_beta2 cpe:/o:kde:kde:1.0 cpe:/o:kde:kde:3.0.1 cpe:/o:kde:kde:3.0 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:kde:kde:3.0_beta_2 cpe:/o:redhat:linux_advanced_workstation:2.1 cpe:/o:kde:kde:1.1.1 cpe:/o:kde:kde:2.0.1 CVE-2005-0078 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:27.060-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:22:00.000-04:00 ALLOWS_USER_ACCESS XF kdebase-screensaver-security-bypass(19084) REDHAT RHSA-2005:009 DEBIAN DSA-660 The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. cpe:/a:xtrlock:xtrlock:2.0 CVE-2005-0079 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:52.540-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:16:00.000-04:00 ALLOWS_USER_ACCESS DEBIAN DSA-649 XF xtrlock-screen-lock-bypass(18991) BID 12316 SECUNIA 13938 Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session. cpe:/a:gnu:mailman:2.1.5 cpe:/o:ubuntu:ubuntu_linux:4.10 CVE-2005-0080 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:15.467-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-02T22:22:00.000-04:00 BUGTRAQ 20050110 [USN-59-1] mailman vulnerabilities MISC http://qa.debian.org/bts-security.html CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285839 The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. cpe:/a:mysql:maxdb:7.5.00.12 cpe:/a:mysql:maxdb:7.5.00.08 cpe:/a:mysql:maxdb:7.5.00.18 cpe:/a:mysql:maxdb:7.5.00.19 cpe:/a:mysql:maxdb:7.5.00.15 cpe:/a:mysql:maxdb:7.5.00 cpe:/a:mysql:maxdb:7.5.00.14 cpe:/a:mysql:maxdb:7.5.00.16 cpe:/a:mysql:maxdb:7.5.00.11 CVE-2005-0081 2005-04-14T00:00:00.000-04:00 2011-03-07T21:19:30.657-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 IDEFENSE 20050119 MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. cpe:/a:mysql:maxdb:7.5.00.12 cpe:/a:mysql:maxdb:7.5.00.08 cpe:/a:mysql:maxdb:7.5.00.18 cpe:/a:mysql:maxdb:7.5.00.19 cpe:/a:mysql:maxdb:7.5.00.15 cpe:/a:mysql:maxdb:7.5.00 cpe:/a:mysql:maxdb:7.5.00.14 cpe:/a:mysql:maxdb:7.5.00.16 cpe:/a:mysql:maxdb:7.5.00.11 CVE-2005-0082 2005-04-14T00:00:00.000-04:00 2011-03-07T21:19:30.750-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 IDEFENSE 20050119 MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. cpe:/a:mysql:maxdb:7.5.00 CVE-2005-0083 2005-05-02T00:00:00.000-04:00 2011-03-07T21:19:30.847-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-02T22:25:00.000-04:00 XF maxdb-null-pointer-dos(19687) IDEFENSE 20050314 MySQL MaxDB Web Agent Multiple Denial of Service Vulnerabilities MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. cpe:/a:ethereal_group:ethereal:0.10.8 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.16 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.8.14 cpe:/a:ethereal_group:ethereal:0.10.1 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.10.7 cpe:/a:ethereal_group:ethereal:0.10.2 cpe:/a:ethereal_group:ethereal:0.8 cpe:/a:ethereal_group:ethereal:0.9.15 cpe:/a:ethereal_group:ethereal:0.9.0 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.10.0 cpe:/a:ethereal_group:ethereal:0.10.4 cpe:/a:ethereal_group:ethereal:0.8.15 cpe:/a:ethereal_group:ethereal:0.10.5 cpe:/a:ethereal_group:ethereal:0.10.3 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.8.20 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.10.6 cpe:/a:ethereal_group:ethereal:0.8.17a cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.8.16 cpe:/a:ethereal_group:ethereal:0.8.18 cpe:/a:ethereal_group:ethereal:0.8.13 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.8.19 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.10.0a cpe:/a:ethereal_group:ethereal:0.10 CVE-2005-0084 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:27.733-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:30:00.000-04:00 ALLOWS_USER_ACCESS GENTOO GLSA-200501-27 DEBIAN DSA-653 SECUNIA 13946 XF ethereal-x11-bo(19004) REDHAT RHSA-2005:037 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00017.html CIAC P-106 BID 12326 FEDORA FLSA-2006:152922 MANDRAKE MDKSA-2005:013 Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64 cpe:/o:mandrakesoft:mandrake_linux:10.1 cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64 cpe:/o:suse:suse_linux:8.1 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64 cpe:/o:suse:suse_linux:9.2 cpe:/o:redhat:fedora_core:core_3.0 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1 cpe:/a:htdig:htdig:3.2.0b2 cpe:/o:suse:suse_linux:9.1 cpe:/a:htdig:htdig:3.2.0b6 cpe:/a:htdig:htdig:3.2.0b4 cpe:/a:htdig:htdig:3.1.5 cpe:/a:htdig:htdig:3.2.0b3 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64 cpe:/a:htdig:htdig:3.2.0b5 cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:suse:suse_linux:8.0 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0 cpe:/o:suse:suse_linux:8.0::i386 cpe:/a:htdig:htdig:3.1.6 cpe:/a:htdig:htdig:3.2.0 cpe:/o:suse:suse_linux:9.0 cpe:/a:htdig:htdig:3.1.5_8 cpe:/a:htdig:htdig:3.1.5_7 cpe:/o:suse:suse_linux:8.2 cpe:/o:mandrakesoft:mandrake_linux:10.0 CVE-2005-0085 2005-04-27T00:00:00.000-04:00 2010-08-21T00:25:27.857-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 12442 DEBIAN DSA-680 XF htdig-config-xss(19223) REDHAT RHSA-2005:073 GENTOO GLSA-200502-16 SECTRACK 1013078 REDHAT RHSA-2005:090 FEDORA FLSA-2006:152907 MANDRAKE MDKSA-2005:063 SECUNIA 17415 SECUNIA 17414 SECUNIA 15007 SECUNIA 14795 SECUNIA 14303 SECUNIA 14276 SECUNIA 14255 SCO SCOSA-2005.46 Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:redhat:enterprise_linux:3.0::workstation cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:redhat:enterprise_linux:3.0::advanced_servers CVE-2005-0086 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:27.997-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:40:00.000-04:00 ALLOWS_USER_ACCESS CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=145527 FEDORA FLSA:2404 XF less-file-bo(19131) REDHAT RHSA-2005:068 Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:alsa:alsa-lib:1.0.6 cpe:/o:redhat:enterprise_linux:4.0::desktop cpe:/o:redhat:enterprise_linux:4.0::workstation CVE-2005-0087 2005-04-27T00:00:00.000-04:00 2010-08-21T00:25:28.153-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS REDHAT RHSA-2005:033 The alsa-lib package in Red Hat Linux 4 disables stack protection for the libasound.so library, which makes it easier for attackers to execute arbitrary code if there are other vulnerabilities in the library. cpe:/a:apache:mod_python:2.7.4 cpe:/a:apache:mod_python:2.6.1 cpe:/a:apache:mod_python:2.7.1 cpe:/a:apache:mod_python:2.3 cpe:/a:apache:mod_python:2.1 cpe:/a:apache:mod_python:2.4 cpe:/a:apache:mod_python:2.6.3 cpe:/a:apache:mod_python:2.7 cpe:/a:apache:mod_python:2.7.3 cpe:/a:apache:mod_python:1.9a cpe:/a:apache:mod_python:2.7.8 cpe:/a:apache:mod_python:2.6.4 cpe:/a:apache:mod_python:2.7.5 cpe:/a:apache:mod_python:2.5 cpe:/a:apache:mod_python:2.7.6 cpe:/a:apache:mod_python:2.7.2 cpe:/a:apache:mod_python:2.2 cpe:/a:apache:mod_python:2.7.7 cpe:/a:apache:mod_python:2.0 cpe:/a:apache:mod_python:2.4.1 cpe:/a:apache:mod_python:2.6 cpe:/a:apache:mod_python:2.6.2 CVE-2005-0088 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:28.280-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:46:00.000-04:00 ALLOWS_OTHER_ACCESS CERT-VN VU#356409 DEBIAN DSA-689 GENTOO GLSA-200502-14 TRUSTIX 2005-0003 BID 12519 FEDORA FLSA:152896 REDHAT RHSA-2005:104 REDHAT RHSA-2005:100 SECTRACK 1013156 BUGTRAQ 20050211 [USN-80-1] mod_python vulnerability CONECTIVA CLA-2005:926 The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. cpe:/a:python_software_foundation:python:2.2 cpe:/a:python_software_foundation:python:2.4 cpe:/a:python_software_foundation:python:2.3.2 cpe:/a:python_software_foundation:python:2.3.1 cpe:/a:python_software_foundation:python:2.3.4 cpe:/a:python_software_foundation:python:2.3.3 cpe:/a:python_software_foundation:python:2.3 CVE-2005-0089 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:28.420-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-02T22:54:00.000-04:00 CONFIRM http://www.python.org/security/PSF-2005-001/ DEBIAN DSA-666 CONFIRM http://python.org/security/PSF-2005-001/patch-2.2.txt BUGTRAQ 20050203 Python Security Advisory PSF-2005-001 - SimpleXMLRPCServer.py XF python-simplexmlrpcserver-bypass(19217) TRUSTIX 2005-0003 REDHAT RHSA-2005:108 BID 12437 MANDRAKE MDKSA-2005:035 SECTRACK 1013083 SECUNIA 14128 The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:redhat:enterprise_linux:4.0::workstation CVE-2005-0090 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:28.547-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-02T23:00:00.000-04:00 XF red-hat-regression-dos(20618) BID 12599 REDHAT RHSA-2005:092 A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash). cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:redhat:enterprise_linux:4.0::workstation CVE-2005-0091 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:28.670-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-02T23:03:00.000-04:00 ALLOWS_ADMIN_ACCESS XF red-hat-patch-gain-privileges(20619) BID 12599 REDHAT RHSA-2005:092 Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls. cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:redhat:enterprise_linux:4.0::workstation CVE-2005-0092 2005-02-19T00:00:00.000-05:00 2010-08-21T00:25:28.810-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T00:17:00.000-04:00 BID 12599 REDHAT RHSA-2005:092 XF red-hat-patch-dos(20620) Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash). CVE-2005-0093 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:55.353-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.1_patch2 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.3_.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.3_.stable5 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.4 cpe:/a:squid:squid:2.4_.stable7 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.0_patch2 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.4_.stable6 cpe:/a:squid:squid:2.4_stable7 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.4_.stable2 cpe:/a:squid:squid:2.3_stable5 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.6.stable1 CVE-2005-0094 2005-01-15T00:00:00.000-05:00 2010-08-21T00:25:28.967-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T00:28:00.000-04:00 REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 DEBIAN DSA-651 GENTOO GLSA-200501-25 SECUNIA 13825 TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-gopher_html_parsing.patch CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_1.txt SUSE SUSE-SA:2005:006 CONECTIVA CLA-2005:923 BID 12276 MANDRAKE MDKSA-2005:014 FEDORA FLSA-2006:152809 Buffer overflow in the gopherToHTML function in the Gopher reply parser for Squid 2.5.STABLE7 and earlier allows remote malicious Gopher servers to cause a denial of service (crash) via crafted responses. cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.1_patch2 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.3_.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.3_.stable5 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.4 cpe:/a:squid:squid:2.4_.stable7 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.0_patch2 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.4_.stable6 cpe:/a:squid:squid:2.4_stable7 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.4_.stable2 cpe:/a:squid:squid:2.3_stable5 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.6.stable1 CVE-2005-0095 2005-01-15T00:00:00.000-05:00 2010-08-21T00:25:29.093-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T00:42:00.000-04:00 TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_2.txt REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 DEBIAN DSA-651 GENTOO GLSA-200501-25 SECUNIA 13825 CONECTIVA CLA-2005:923 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-wccp_denial_of_service.patch BID 12275 OSVDB 12886 MANDRAKE MDKSA-2005:014 SECTRACK 1012882 FEDORA FLSA-2006:152809 The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via malformed WCCP messages with source addresses that are spoofed to reference Squid's home router and invalid WCCP_I_SEE_YOU cache numbers. cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.1_patch2 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.3_.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.3_.stable5 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.4 cpe:/a:squid:squid:2.4_.stable7 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.0_patch2 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.4_.stable6 cpe:/a:squid:squid:2.4_stable7 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.4_.stable2 cpe:/a:squid:squid:2.3_stable5 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.6.stable1 CVE-2005-0096 2005-01-25T00:00:00.000-05:00 2010-08-21T00:25:29.217-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T00:50:00.000-04:00 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 GENTOO GLSA-200501-25 CONECTIVA CLA-2005:923 TRUSTIX 2005-0003 SUSE SUSE-SA:2005:006 BID 12324 SECTRACK 1012818 FEDORA FLSA-2006:152809 Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.1_patch2 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.3_.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.3_.stable5 cpe:/a:squid:squid:2.5.stable7 cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.4 cpe:/a:squid:squid:2.4_.stable7 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.0_patch2 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.4_.stable6 cpe:/a:squid:squid:2.4_stable7 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.4_.stable2 cpe:/a:squid:squid:2.3_stable5 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.6.stable1 CVE-2005-0097 2005-01-11T00:00:00.000-05:00 2010-08-21T00:25:29.343-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T01:17:00.000-04:00 TRUSTIX 2005-0003 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-fakeauth_auth REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 GENTOO GLSA-200501-25 SECUNIA 13789 BID 12220 SECTRACK 1012818 FEDORA FLSA-2006:152809 The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (crash) via a malformed NTLM type 3 message that triggers a NULL dereference. cpe:/a:abuse:abuse-sdl:2.0 CVE-2005-0098 2005-03-08T00:00:00.000-05:00 2008-09-05T16:45:18.823-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T01:25:00.000-04:00 DEBIAN DSA-691 SECUNIA 14495 Multiple buffer overflows in the SDL port of abuse (abuse-SDL) before 2.00 allow local users to execute arbitrary code via the command line. cpe:/a:abuse:abuse-sdl:2.0 CVE-2005-0099 2005-03-08T00:00:00.000-05:00 2008-09-05T16:45:18.980-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T01:32:00.000-04:00 DEBIAN DSA-691 SECUNIA 14495 OSVDB 14610 The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files. cpe:/a:gnu:emacs:20.0 cpe:/a:gnu:xemacs:21.4 cpe:/a:gnu:emacs:21.3 CVE-2005-0100 2005-02-07T00:00:00.000-05:00 2010-08-21T00:25:29.653-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T01:40:00.000-04:00 ALLOWS_USER_ACCESS XF xemacs-movemail-format-string(19246) REDHAT RHSA-2005:133 REDHAT RHSA-2005:112 REDHAT RHSA-2005:110 DEBIAN DSA-685 DEBIAN DSA-671 DEBIAN DSA-670 BUGTRAQ 20050207 [USN-76-1] Emacs vulnerability BID 12462 FEDORA FLSA-2006:152898 MANDRAKE MDKSA-2005:038 Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. cpe:/a:newspost:newspost:2.1.1 CVE-2005-0101 2005-02-01T00:00:00.000-05:00 2008-09-05T16:45:19.277-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T02:00:00.000-04:00 ALLOWS_USER_ACCESS GENTOO GLSA-200502-05 XF newspost-socketgetline-bo(19178) CONFIRM http://www.vuxml.org/freebsd/7f13607b-6948-11d9-8937-00065be4b5b6.html SECUNIA 14092 MISC http://people.freebsd.org/~niels/issues/newspost-20050114.txt BUGTRAQ 20050202 RE: SECURITEY.NNOV.RU NewsPost buffer overflow [EXPLOIT] BID 12418 SECTRACK 1013056 SECUNIA 14098 Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character. cpe:/a:ximian:evolution:1.2.3 cpe:/a:ximian:evolution:1.2.4 cpe:/a:ximian:evolution:1.2.2 cpe:/a:ximian:evolution:1.3.2_beta CVE-2005-0102 2005-01-24T00:00:00.000-05:00 2010-08-21T00:25:29.903-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T02:09:00.000-04:00 ALLOWS_ADMIN_ACCESS XF evolution-camellockhelper-bo(19031) BID 12354 REDHAT RHSA-2005:397 DEBIAN DSA-673 GENTOO GLSA-200501-35 CONECTIVA CLA-2005:925 REDHAT RHSA-2005:238 UBUNTU USN-69-1 MANDRAKE MDKSA-2005:024 SECTRACK 1012981 SECUNIA 13830 Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow. cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.2.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.3 CVE-2005-0103 2005-01-24T00:00:00.000-05:00 2010-08-21T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T02:31:00.000-04:00 ALLOWS_OTHER_ACCESS CONFIRM http://www.squirrelmail.org/security/issue/2005-01-19?PHPSESSID=8af117822fb1ca3aa966a64248b5d223 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 SECUNIA 13962 APPLE APPLE-SA-2005-03-21 XF squirrelmail-frame-file-include(19037) GENTOO GLSA-200501-39 BUGTRAQ 20050129 SquirrelMail Security Advisory PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. cpe:/a:squirrelmail:squirrelmail:1.4.3a cpe:/a:squirrelmail:squirrelmail:1.0.5 cpe:/a:squirrelmail:squirrelmail:1.2.6 cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1 cpe:/a:squirrelmail:squirrelmail:1.0.4 cpe:/a:squirrelmail:squirrelmail:1.44 cpe:/a:squirrelmail:squirrelmail:1.2.1 cpe:/a:squirrelmail:squirrelmail:1.4.2 cpe:/a:squirrelmail:squirrelmail:1.2.4 cpe:/a:squirrelmail:squirrelmail:1.2.5 cpe:/a:squirrelmail:squirrelmail:1.4.1 cpe:/a:squirrelmail:squirrelmail:1.2.8 cpe:/a:squirrelmail:squirrelmail:1.2.0 cpe:/a:squirrelmail:squirrelmail:1.4.0 cpe:/a:squirrelmail:squirrelmail:1.4.3 cpe:/a:squirrelmail:squirrelmail:1.2.11 cpe:/a:squirrelmail:squirrelmail:1.4 cpe:/a:squirrelmail:squirrelmail:1.2.7 cpe:/a:squirrelmail:squirrelmail:1.2.2 cpe:/a:squirrelmail:squirrelmail:1.2.9 cpe:/a:squirrelmail:squirrelmail:1.2.10 cpe:/a:squirrelmail:squirrelmail:1.2.3 CVE-2005-0104 2005-01-29T00:00:00.000-05:00 2010-08-21T00:25:30.153-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T02:41:00.000-04:00 CONFIRM http://www.squirrelmail.org/security/issue/2005-01-20 REDHAT RHSA-2005:135 REDHAT RHSA-2005:099 DEBIAN DSA-662 SECUNIA 14096 SECUNIA 13962 BUGTRAQ 20050129 SquirrelMail Security Advisory APPLE APPLE-SA-2005-03-21 XF squirrelmail-webmailphp-xss(19036) GENTOO GLSA-200501-39 Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables. cpe:/a:typespeed:typespeed:0.4.1 CVE-2005-0105 2005-02-16T00:00:00.000-05:00 2008-09-05T16:45:20.010-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T03:11:00.000-04:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-684 Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges. cpe:/o:ubuntu:ubuntu_linux:5.04 CVE-2005-0106 2005-05-03T00:00:00.000-04:00 2009-11-13T00:39:05.670-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-12T15:05:00.000-04:00 UBUNTU USN-113-1 BID 13471 MANDRIVA MDKSA-2006:023 SECUNIA 18639 SSLeay.pm in libnet-ssleay-perl before 1.25 uses the /tmp/entropy file for entropy if a source is not set in the EGD_PATH variable, which allows local users to reduce the cryptographic strength of certain operations by modifying the file. cpe:/a:debian:bsmtpd:2.3 CVE-2005-0107 2005-02-25T00:00:00.000-05:00 2008-09-05T16:45:20.323-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T03:24:00.000-04:00 ALLOWS_USER_ACCESS DEBIAN DSA-690 bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands. cpe:/a:apache:mod_auth_radius:1.5.4 CVE-2005-0108 2005-01-11T00:00:00.000-05:00 2008-09-05T16:45:20.480-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T03:41:00.000-04:00 XF modauthradius-dos(18841) DEBIAN DSA-659 MISC http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02 BUGTRAQ 20050111 Apache mod_auth_radius remote integer overflow BID 12217 SECTRACK 1012829 SECUNIA 14046 SECUNIA 13773 Apache mod_auth_radius 1.5.4 and libpam-radius-auth allow remote malicious RADIUS servers to cause a denial of service (crash) via a RADIUS_REPLY_MESSAGE with a RADIUS attribute length of 1, which leads to a memcpy operation with a -1 length argument. cpe:/o:freebsd:freebsd:5.1 cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 cpe:/o:sco:openserver:5.0.7 cpe:/o:freebsd:freebsd:2.1.6 cpe:/o:freebsd:freebsd:4.3:releng cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:freebsd:freebsd:5.0 cpe:/o:freebsd:freebsd:3.5:stable cpe:/o:redhat:enterprise_linux:3.0::workstation_server cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:freebsd:freebsd:2.2.4 cpe:/o:freebsd:freebsd:4.6:stable cpe:/o:sco:unixware:7.1.3_up cpe:/o:sco:unixware:7.1.3 cpe:/o:freebsd:freebsd:2.1.0 cpe:/o:freebsd:freebsd:4.7:releng cpe:/o:freebsd:freebsd:4.3:release_p38 cpe:/o:freebsd:freebsd:4.1.1:stable cpe:/o:freebsd:freebsd:2.2 cpe:/o:freebsd:freebsd:3.0:releng cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:freebsd:freebsd:3.0 cpe:/o:freebsd:freebsd:2.2.3 cpe:/o:freebsd:freebsd:5.2 cpe:/o:freebsd:freebsd:4.5:stable cpe:/o:freebsd:freebsd:4.6:release cpe:/o:freebsd:freebsd:2.1.6.1 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.9 cpe:/o:freebsd:freebsd:4.0:releng cpe:/o:freebsd:freebsd:4.7:release cpe:/o:freebsd:freebsd:4.3:stable cpe:/o:freebsd:freebsd:4.5:release_p32 cpe:/o:ubuntu:ubuntu_linux:4.1::ppc cpe:/o:freebsd:freebsd:4.2:stable cpe:/o:freebsd:freebsd:4.3:release cpe:/o:sco:unixware:7.1.4 cpe:/o:freebsd:freebsd:5.0:release_p14 cpe:/o:redhat:enterprise_linux:3.0::advanced_server cpe:/o:redhat:enterprise_linux:4.0::workstation cpe:/o:freebsd:freebsd:4.6 cpe:/o:redhat:fedora_core:core_3.0 cpe:/o:sun:solaris:10.0::sparc cpe:/o:freebsd:freebsd:3.4 cpe:/o:freebsd:freebsd:5.1:releng cpe:/o:freebsd:freebsd:2.2.8 cpe:/o:freebsd:freebsd:3.1 cpe:/o:freebsd:freebsd:4.7:stable cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:freebsd:freebsd:4.9:releng cpe:/o:sun:solaris:9.0::x86 cpe:/o:freebsd:freebsd:4.5:release cpe:/o:freebsd:freebsd:4.8 cpe:/o:freebsd:freebsd:4.8:pre-release cpe:/o:freebsd:freebsd:4.10 cpe:/o:ubuntu:ubuntu_linux:5.04::i386 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.8:releng cpe:/o:freebsd:freebsd:3.5.1:release cpe:/o:freebsd:freebsd:4.8:release_p6 cpe:/o:sun:solaris:8.0::x86 cpe:/o:freebsd:freebsd:2.2.5 cpe:/o:freebsd:freebsd:5.2.1:release cpe:/o:freebsd:freebsd:3.5.1 cpe:/o:freebsd:freebsd:4.11:release_p3 cpe:/o:freebsd:freebsd:4.9:pre-release cpe:/o:freebsd:freebsd:3.5.1:stable cpe:/o:redhat:enterprise_linux_desktop:4.0 cpe:/o:freebsd:freebsd:4.11:releng cpe:/o:freebsd:freebsd:4.7:release_p17 cpe:/o:freebsd:freebsd:3.2 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:freebsd:freebsd:2.0.5 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:3.5 cpe:/o:freebsd:freebsd:5.3:releng cpe:/o:freebsd:freebsd:5.1:release cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:freebsd:freebsd:4.4:release_p42 cpe:/o:freebsd:freebsd:4.10:release cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.1.1:release cpe:/o:freebsd:freebsd:4.11:stable cpe:/o:freebsd:freebsd:2.2.6 cpe:/o:freebsd:freebsd:5.4:pre-release cpe:/o:freebsd:freebsd:4.4:stable cpe:/o:freebsd:freebsd:5.1:alpha cpe:/o:freebsd:freebsd:5.3 cpe:/o:freebsd:freebsd:4.6:releng cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:freebsd:freebsd:4.10:release_p8 cpe:/o:freebsd:freebsd:2.0 cpe:/o:redhat:enterprise_linux:4.0::enterprise_server cpe:/o:ubuntu:ubuntu_linux:4.1::ia64 cpe:/o:sun:solaris:7.0::x86 cpe:/o:freebsd:freebsd:2.2.2 cpe:/o:ubuntu:ubuntu_linux:5.04::powerpc cpe:/o:freebsd:freebsd:4.0 cpe:/o:freebsd:freebsd:1.1.5.1 cpe:/o:redhat:enterprise_linux:4.0::advanced_server cpe:/o:freebsd:freebsd:4.10:releng cpe:/o:freebsd:freebsd:2.1.7.1 cpe:/o:freebsd:freebsd:5.1:release_p5 cpe:/o:freebsd:freebsd:5.3:stable cpe:/o:freebsd:freebsd:4.6:release_p20 cpe:/o:freebsd:freebsd:4.4:releng cpe:/o:freebsd:freebsd:5.0:releng cpe:/o:freebsd:freebsd:5.0:alpha cpe:/o:freebsd:freebsd:5.3:release cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5:releng cpe:/o:freebsd:freebsd:4.1 cpe:/o:ubuntu:ubuntu_linux:5.04::amd64 cpe:/o:freebsd:freebsd:4.1.1 cpe:/o:freebsd:freebsd:2.1.5 cpe:/o:freebsd:freebsd:5.2.1:releng cpe:/o:freebsd:freebsd:3.3 cpe:/o:freebsd:freebsd:4.0:alpha CVE-2005-0109 2005-03-05T00:00:00.000-05:00 2011-03-07T21:19:32.907-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T03:59:00.000-04:00 CERT-VN VU#911878 BID 12724 SECTRACK 1013967 VUPEN ADV-2005-3002 VUPEN ADV-2005-0540 REDHAT RHSA-2005:800 REDHAT RHSA-2005:476 MISC http://www.daemonology.net/papers/htt.pdf MISC http://www.daemonology.net/hyperthreading-considered-harmful/ MISC http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVHMCHMC_C081516_754 SUNALERT 101739 SECUNIA 18165 SECUNIA 15348 MLIST [openbsd-misc] 20050304 Re: FreeBSD hiding security stuff MLIST [freebsd-security] 20050304 [Fwd: Re: FW:FreeBSD hiding security stuff] MLIST [freebsd-hackers] 20050304 Re: FW:FreeBSD hiding security stuff SCO SCOSA-2005.24 Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. cpe:/a:microsoft:ie:6.0:sp2 CVE-2005-0110 2005-01-14T00:00:00.000-05:00 2008-09-05T16:45:21.107-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T04:22:00.000-04:00 FULLDISC 20050114 Internet Explorer (SP2) - Remote File Download Internet Explorer 6 on Windows XP SP2 allows remote attackers to bypass the file download warning dialog and possibly trick an unknowledgeable user into executing arbitrary code via a web page with a body element containing an onclick tag, as demonstrated using the createElement function. cpe:/a:mysql:maxdb:7.5.00 CVE-2005-0111 2005-01-13T00:00:00.000-05:00 2011-03-07T21:19:33.097-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T04:28:00.000-04:00 ALLOWS_USER_ACCESS IDEFENSE 20050113 MySQL MaxDB WebAgent websql logon Buffer Overflow Vulnerability BID 12265 SECTRACK 1012893 Stack-based buffer overflow in the websql CGI program in MySQL MaxDB 7.5.00 allows remote attackers to execute arbitrary code via a long password parameter. cpe:/h:3com:3crwe454g72:1.0.3.5 cpe:/h:3com:3crwe454g72:1.0.2.11 cpe:/h:3com:3crwe454g72:1.0.2 CVE-2005-0112 2005-04-14T00:00:00.000-04:00 2008-09-05T16:45:21.417-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF 3com-officeconnect-information-disclosure(18994) BID 12322 IDEFENSE 20050120 3Com OfficeConnect Wireless 11g AP Information Disclosure Vulnerability SECTRACK 1012958 SECUNIA 13942 The web-based administrative interface for 3Com OfficeConnect Wireless 11g Access Point (AP) 1.00.08, and possibly earlier versions before 1.03.07A, allows remote attackers to bypass authentication and obtain sensitive information by directly accessing the (1) config.bin (2) profile.wlp?PN=ggg or (3) event.logs URLs. cpe:/o:sgi:irix:6.5 CVE-2005-0113 2005-01-14T00:00:00.000-05:00 2008-09-05T16:45:21.590-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T04:44:00.000-04:00 ALLOWS_ADMIN_ACCESS XF irix-inpview-gain-privileges(18894) IDEFENSE 20050113 SGI IRIX inpview Design Error Vulnerability SECUNIA 13858 BID 12259 OSVDB 12915 SECTRACK 1012894 inpview in SGI IRIX allows local users to execute arbitrary commands via the SUN_TTSESSION_CMD environment variable, which is executed by inpview without dropping privileges. cpe:/a:zonelabs:zonealarm:5.5.062.011 cpe:/a:checkpoint:check_point_integrity_client:5.1.556.166 cpe:/a:checkpoint:check_point_integrity_client:4.5.122.000 cpe:/a:zonelabs:zonealarm_wireless_security:5.5.080.000 CVE-2005-0114 2005-02-11T00:00:00.000-05:00 2008-09-05T16:45:21.747-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T05:03:00.000-04:00 IDEFENSE 20050211 ZoneAlarm 5.1 Invalid Pointer Dereference Vulnerability CONFIRM http://download.zonelabs.com/bin/free/securityAlert/19.html BID 12531 SECUNIA 14256 vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and 5.x before 5.1.556.166 do not properly verify that the ServerPortName argument to the NtConnectPort function is a valid memory address, which allows local users to cause a denial of service (system crash) when ZoneAlarm attempts to dereference an invalid pointer. cpe:/a:datarescue:ida:4.7 CVE-2005-0115 2005-01-24T00:00:00.000-05:00 2008-09-05T16:45:21.903-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T05:24:00.000-04:00 ALLOWS_USER_ACCESS XF database-ida-portable-executable-bo(19042) CONFIRM http://www.datarescue.com/ubb/ultimatebb.php?/topic/2/146.html IDEFENSE 20050124 DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability BID 12353 SECTRACK 1012975 SECUNIA 13980 Stack-based buffer overflow in DataRescue Interactive Disassembler (IDA) Pro 4.7 allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name. cpe:/a:awstats:awstats:6.3 CVE-2005-0116 2005-01-18T00:00:00.000-05:00 2008-09-05T16:45:22.057-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T05:41:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#272296 IDEFENSE 20050117 AWStats Remote Command Execution Vulnerability SECUNIA 13893 CONFIRM http://awstats.sourceforge.net/docs/awstats_changelog.txt BID 12298 OSVDB 13002 MISC http://packetstormsecurity.org/0501-exploits/AWStatsVulnAnalysis.pdf AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl. cpe:/a:xshisen:xshisen:1.36 CVE-2005-0117 2005-01-11T00:00:00.000-05:00 2008-09-05T16:45:22.213-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T05:56:00.000-04:00 CONFIRM http://www.vuxml.org/freebsd/56971fa6-641c-11d9-a097-000854d03344.html MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=289784 Buffer overflow in XShisen before 1.36 allows local users to execute arbitrary code via a long GECOS field. cpe:/a:helvis:helvis:1.8h2_1 CVE-2005-0118 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:22.370-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T10:13:00.000-04:00 CONFIRM http://www.vuxml.org/freebsd/bb99f803-5fde-11d9-b721-00065be4b5b6.html helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users. cpe:/a:helvis:helvis:1.8h2_1 CVE-2005-0119 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:22.527-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T10:14:00.000-04:00 CONFIRM http://www.vuxml.org/freebsd/bb99f803-5fde-11d9-b721-00065be4b5b6.html helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program. CVE-2005-0120 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:22.683-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T10:16:00.000-04:00 MISC http://people.freebsd.org/~niels/ports/korean/helvis/issues.txt helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program. cpe:/a:alexander_siegel:golddig:2.0 CVE-2005-0121 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:22.840-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T10:18:00.000-04:00 ALLOWS_USER_ACCESS CONFIRM http://www.vuxml.org/freebsd/949c470e-528f-11d9-ac20-00065be4b5b6.html XF golddig-long-username-bo(19040) XF golddig-long-mapname-bo(19039) Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via (1) a long map name command line argument or (2) a long username as recorded in the USER environment variable. CVE-2005-0122 2005-04-14T00:00:00.000-04:00 2008-09-10T15:34:59.617-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-0975. Reason: This candidate is a duplicate of CVE-2005-0975. Notes: All CVE users should reference CVE-2005-0975 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.22:pre10 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.27 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.4.28 cpe:/o:linux:linux_kernel:2.4.24_ow1 cpe:/o:linux:linux_kernel:2.4.23:pre9 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.29:rc1 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.4.27:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.29:rc2 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.23_ow2 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.4.27:pre1 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.4.27:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.27:pre4 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.4.27:pre5 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.4.22 cpe:/o:linux:linux_kernel:2.4.26 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.4.29 cpe:/o:linux:linux_kernel:2.4.25 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.3:pre3 CVE-2005-0124 2005-04-14T00:00:00.000-04:00 2011-03-07T21:19:34.017-05:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VUPEN ADV-2005-1878 MLIST [linux-kernel] 20050107 [PATCH 2.6.10-mm2] fs/coda Re: [Coverity] Untrusted user data in kernel MLIST [linux-kernel] 20050107 [PATCH 2.4.29-pre3-bk4] fs/coda Re: [Coverity] Untrusted user data in kernel MLIST [linux-kernel] 20050105 Re: [Coverity] Untrusted user data in kernel MLIST [linux-kernel] 20041216 [Coverity] Untrusted user data in kernel BID 14967 FEDORA FLSA:157459-1 REDHAT RHSA-2006:0191 REDHAT RHSA-2005:663 DEBIAN DSA-1082 DEBIAN DSA-1070 DEBIAN DSA-1069 DEBIAN DSA-1067 DEBIAN DSA-1017 SECTRACK 1013018 SECUNIA 20338 SECUNIA 20202 SECUNIA 20163 SECUNIA 19374 SECUNIA 18684 SECUNIA 17002 The coda_pioctl function in the coda functionality (pioctl.c) for Linux kernel 2.6.9 and 2.4.x before 2.4.29 may allow local users to cause a denial of service (crash) or execute arbitrary code via negative vi.in_size or vi.out_size values, which may trigger a buffer overflow. cpe:/o:apple:mac_os_x:10.3.7 cpe:/o:apple:mac_os_x_server:10.3.7 cpe:/o:apple:mac_os_x:10.3.4 CVE-2005-0125 2005-05-02T00:00:00.000-04:00 2008-09-10T15:34:59.757-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T10:47:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#678150 APPLE APPLE-SA-2005-01-25 XF macos-at-gain-privileges(18981) MISC http://www.digitalmunition.com/DMA[2005-0127a].txt BUGTRAQ 20050127 DMA[2005-0127a] - 'Apple OSX batch family poor use of setuid' The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. cpe:/o:apple:mac_os_x:10.3.7 cpe:/o:apple:mac_os_x_server:10.3.7 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x:10.3.8 CVE-2005-0126 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:23.573-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T10:52:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#980078 XF macos-icc-profile-bo(19083) APPLE APPLE-SA-2005-01-25 BID 12367 SECTRACK 1013000 ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. cpe:/o:apple:mac_os_x:10.3.7 cpe:/o:apple:mac_os_x_server:10.3.7 CVE-2005-0127 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:23.730-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T10:55:00.000-04:00 CERT-VN VU#464662 XF macos-ethernet-address-disclosure(19085) SECUNIA 14005 APPLE APPLE-SA-2005-01-25 SECTRACK 1013001 Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. cpe:/a:berlios:konversation:0.15 CVE-2005-0129 2005-04-14T00:00:00.000-04:00 2008-09-05T16:45:23.887-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20050119 Multiple vulnerabilities in Konversation XF konversation-expansion-execute-code(19025) FULLDISC 20050119 Multiple vulnerabilities in Konversation BID 12312 CONFIRM http://www.kde.org/info/security/advisory-20050121-1.txt GENTOO GLSA-200501-34 SECTRACK 1012972 SECUNIA 13989 SECUNIA 13919 The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected. cpe:/a:berlios:konversation:0.15 CVE-2005-0130 2005-04-14T00:00:00.000-04:00 2008-09-05T16:45:24.043-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20050119 Multiple vulnerabilities in Konversation XF konversation-perlscript-execute-code(19008) FULLDISC 20050119 Multiple vulnerabilities in Konversation BID 12312 CONFIRM http://www.kde.org/info/security/advisory-20050121-1.txt GENTOO GLSA-200501-34 SECTRACK 1012972 SECUNIA 13989 SECUNIA 13919 Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC sripts. cpe:/a:berlios:konversation:0.15 CVE-2005-0131 2005-04-14T00:00:00.000-04:00 2008-09-05T16:45:24.197-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20050119 Multiple vulnerabilities in Konversation XF konversation-nick-password-information-disclosure(19038) FULLDISC 20050119 Multiple vulnerabilities in Konversation BID 12312 CONFIRM http://www.kde.org/info/security/advisory-20050121-1.txt GENTOO GLSA-200501-34 SECTRACK 1012972 SECUNIA 13989 SECUNIA 13919 The Quick Connection dialog in Konversation 0.15 inadvertently uses the user-provided password as the nickname instead of the user-provided nickname when connecting to the IRC server, which could leak the password to other users. cpe:/a:clam_anti-virus:clamav:0.80 cpe:/a:clam_anti-virus:clamav:0.65 cpe:/a:clam_anti-virus:clamav:0.54 cpe:/a:clam_anti-virus:clamav:0.68 cpe:/a:clam_anti-virus:clamav:0.67 cpe:/a:clam_anti-virus:clamav:0.53 cpe:/a:clam_anti-virus:clamav:0.52 cpe:/a:clam_anti-virus:clamav:0.51 cpe:/a:clam_anti-virus:clamav:0.68.1 cpe:/a:clam_anti-virus:clamav:0.60 CVE-2005-0133 2005-05-02T00:00:00.000-04:00 2008-09-10T15:35:00.180-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T11:10:00.000-04:00 TRUSTIX 2005-0003 GENTOO GLSA-200501-46 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=300116 CONECTIVA CLA-2005:928 MANDRAKE MDKSA-2005:025 ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. cpe:/o:sco:unixware:7.1.1 cpe:/o:sco:unixware:7.1.4 cpe:/o:sco:unixware:7.1.3 CVE-2005-0134 2005-05-18T00:00:00.000-04:00 2011-03-07T21:19:34.687-05:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-18T10:30:00.000-04:00 ALLOWS_OTHER_ACCESS SCO SCOSA-2005.8 VUPEN ADV-2005-0077 The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets. cpe:/o:linux:linux_kernel:2.6.0 CVE-2005-0135 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:32.687-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T11:40:00.000-04:00 CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148868 REDHAT RHSA-2005:366 REDHAT RHSA-2005:284 SECUNIA 15019 CONFIRM http://linux.bkbits.net:8080/linux-2.6/cset@41f2beablXVnAs_6fznhhITh1j5hZg BID 13266 REDHAT RHSA-2005:293 DEBIAN DSA-1082 DEBIAN DSA-1070 DEBIAN DSA-1069 DEBIAN DSA-1067 SECUNIA 20338 SECUNIA 20202 SECUNIA 20163 The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash). cpe:/o:linux:linux_kernel:2.6.8.1.5::power4 cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64 cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_xeon cpe:/o:linux:linux_kernel:2.6.10:rc3 cpe:/o:linux:linux_kernel:2.6.10:rc1 cpe:/o:linux:linux_kernel:2.6.8.1.5::k7_smp cpe:/o:linux:linux_kernel:2.6.9:rc4 cpe:/o:linux:linux_kernel:2.6.9:rc1 cpe:/o:linux:linux_kernel:2.6.8.1.5::386 cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8 cpe:/o:linux:linux_kernel:2.6.8:rc3 cpe:/o:linux:linux_kernel:2.6.8:rc2 cpe:/o:linux:linux_kernel:2.6.9:rc2 cpe:/o:linux:linux_kernel:2.6.8.1.5::686 cpe:/o:linux:linux_kernel:2.6.8.1.5::power3_smp cpe:/o:linux:linux_kernel:2.6.9:final cpe:/o:linux:linux_kernel:2.6.8.1 cpe:/o:linux:linux_kernel:2.6.10:rc2 cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc_smp cpe:/o:linux:linux_kernel:2.6.8:rc4 cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.6.8.1.5::power4_smp cpe:/o:linux:linux_kernel:2.6.8.1.5 cpe:/o:linux:linux_kernel:2.6.8.1.5::k7 cpe:/o:linux:linux_kernel:2.6.8.1.5::amd64_k8_smp cpe:/o:linux:linux_kernel:2.6.8.1.5::686_smp cpe:/o:linux:linux_kernel:2.6.8:rc1 cpe:/o:linux:linux_kernel:2.6.8.1.5::powerpc cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.9:rc3 cpe:/o:linux:linux_kernel:2.6.8.1.5::power3 CVE-2005-0136 2005-09-29T00:00:00.000-04:00 2005-12-31T00:00:00.000-05:00 2011-03-07T21:19:35.110-05:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-06-01T19:09:00.000-04:00 MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=155283 MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=148862 REDHAT RHSA-2005:663 REDHAT RHSA-2005:420 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.11 MLIST [linux-ia64] 20040916 Re: [Patch] Per CPU MCA/INIT data save areas SECUNIA 17002 MISC http://openvz.org/news/updates/kernel-022stab045.1-released VUPEN ADV-2005-1878 MLIST [kernel-svn-changes] 20050816 r3920 - in branches/dist/sarge-security: . kernel kernel/i386 kernel/source kernel/source/kernel-source-2.6.8-2.6.8/debian The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761. cpe:/o:linux:linux_kernel:2.6.0 CVE-2005-0137 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:33.420-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T11:42:00.000-04:00 REDHAT RHSA-2005:293 REDHAT RHSA-2005:284 Linux kernel 2.6 on Itanium (ia64) architectures allows local users to cause a denial of service via a "missing Itanium syscall table entry." cpe:/o:sgi:irix:6.5.25 cpe:/o:sgi:irix:6.5.26 cpe:/o:sgi:irix:6.5.27 CVE-2005-0138 2005-09-21T16:03:00.000-04:00 2011-03-07T21:19:35.267-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-09-21T16:23:00.000-04:00 CIAC P-214 VUPEN ADV-2005-0702 SECUNIA 15619 rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not correctly allow access to anonymous clients that connect from a system whose hostname can not be determined. NOTE: while this issue occurs in a security mechanism, there is no apparent attacker role and probably does not satisfy the CVE definition of a vulnerability. cpe:/o:sgi:irix:6.5.25 cpe:/o:sgi:irix:6.5.26 cpe:/o:sgi:irix:6.5.27 CVE-2005-0139 2005-09-21T16:03:00.000-04:00 2011-03-07T21:19:35.347-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-09-21T16:26:00.000-04:00 CIAC P-214 VUPEN ADV-2005-0702 SECUNIA 15619 Unknown vulnerability in rpc.mountd in SGI IRIX 6.5.25, 6.5.26, and 6.5.27 does not sufficiently restrict access rights for read-mostly exports, which allows attackers to conduct unauthorized activities. cpe:/a:peid:peid:0.92 CVE-2005-0140 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:25.573-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T11:46:00.000-04:00 ALLOWS_USER_ACCESS XF database-ida-portable-executable-bo(19042) IDEFENSE 20050124 DataRescue Interactive Disassembler Pro Buffer Overflow Vulnerability BID 12355 SECUNIA 13984 Buffer overflow in PeID allows attackers to execute arbitrary code via a PE file with an Import Address Table containing a long import library name. cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:mozilla:1.7.3 CVE-2005-0141 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:34.013-04:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T12:03:00.000-04:00 XF mozilla-firefox-file-upload(19168) REDHAT RHSA-2005:335 REDHAT RHSA-2005:323 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=249332 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-01.html BID 12407 Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to load local files via links "with a custom getter and toString method" that are middle-clicked by the user to be opened in a new tab. cpe:/a:mozilla:thunderbird:0.8 cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:mozilla:1.7.3 CVE-2005-0142 2005-05-02T00:00:00.000-04:00 2011-03-07T21:19:35.580-05:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T12:08:00.000-04:00 XF mozilla-world-readable(17832) REDHAT RHSA-2005:335 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=251297 SUSE SUSE-SA:2006:004 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-02.html REDHAT RHSA-2005:384 SUSE SUSE-SA:2006:022 SECUNIA 19823 Firefox 0.9, Thunderbird 0.6 and other versions before 0.9, and Mozilla 1.7 before 1.7.5 save temporary files with world-readable permissions, which allows local users to read certain web content or attachments that belong to other users, e.g. content that is managed by helper applications such as PDF. cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:mozilla:1.2:alpha cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:mozilla:1.0 cpe:/a:mozilla:mozilla:1.1 cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:mozilla:1.8:alpha2 cpe:/a:mozilla:mozilla:0.9.7 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:mozilla:0.9.3 cpe:/a:mozilla:mozilla:0.9.2.1 cpe:/a:mozilla:mozilla:1.4:alpha cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:1.3.1 cpe:/a:mozilla:mozilla:1.7:alpha cpe:/a:mozilla:mozilla:0.9.4 cpe:/a:mozilla:firefox:0.10.1 cpe:/a:mozilla:mozilla:0.9.48 cpe:/a:mozilla:mozilla:1.7:rc1 cpe:/a:mozilla:mozilla:0.9.8 cpe:/a:mozilla:mozilla:1.7.5 cpe:/a:mozilla:mozilla:1.2.1 cpe:/a:mozilla:mozilla:1.6 cpe:/a:mozilla:mozilla:1.0.1 cpe:/a:mozilla:mozilla:1.4:beta cpe:/a:mozilla:mozilla:1.7:rc2 cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:mozilla:0.9.2 cpe:/a:mozilla:mozilla:1.0.2 cpe:/a:mozilla:mozilla:1.5.1 cpe:/a:mozilla:mozilla:1.0:rc1 cpe:/a:mozilla:mozilla:1.4.2 cpe:/a:mozilla:mozilla:1.5 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:mozilla:0.9.5 cpe:/a:mozilla:mozilla:1.5:rc1 cpe:/a:mozilla:mozilla:1.7.3 cpe:/a:mozilla:mozilla:1.1:beta cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:mozilla:0.8 cpe:/a:mozilla:mozilla:0.9.6 cpe:/a:mozilla:mozilla:1.1:alpha cpe:/a:mozilla:mozilla:1.2 cpe:/a:mozilla:mozilla:1.6:beta cpe:/a:mozilla:mozilla:1.4.1 cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:0.9.35 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:0.9.4.1 cpe:/a:mozilla:mozilla:1.0:rc2 cpe:/a:mozilla:mozilla:1.4 cpe:/a:mozilla:mozilla:1.6:alpha cpe:/a:mozilla:mozilla:1.5:rc2 cpe:/a:mozilla:mozilla:0.9.9 cpe:/a:mozilla:mozilla:1.2:beta cpe:/a:mozilla:mozilla:1.7:beta cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:mozilla:1.4.4 cpe:/a:mozilla:mozilla cpe:/a:mozilla:firefox:0.9:rc cpe:/a:mozilla:mozilla:1.5:alpha CVE-2005-0143 2005-03-23T00:00:00.000-05:00 2010-08-21T00:25:34.280-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:13:00.000-04:00 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=257308 XF mozilla-ssl-spoofing(19166) REDHAT RHSA-2005:335 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-03.html BID 12407 REDHAT RHSA-2005:384 Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks. cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:mozilla:1.7.3 CVE-2005-0144 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:34.403-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:20:00.000-04:00 XF mozilla-ssl-view-source-spoofing(19169) REDHAT RHSA-2005:335 REDHAT RHSA-2005:323 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=262689 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-04.html BID 12407 Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks. cpe:/a:mozilla:firefox:0.10.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:firefox:0.9:rc CVE-2005-0145 2005-01-24T00:00:00.000-05:00 2008-09-10T15:35:02.290-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:29:00.000-04:00 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=265176 XF mozilla-script-click-event-bypass(19170) CONFIRM http://www.mozilla.org/security/announce/mfsa2005-07.html BID 12407 Firefox before 1.0 does not properly distinguish between user-generated and synthetic click events, which allows remote attackers to use Javascript to bypass the file download prompt when the user uses the Alt-click feature. cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:mozilla:1.7.3 CVE-2005-0146 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:34.623-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T12:21:00.000-04:00 REDHAT RHSA-2005:335 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=265728 XF mozilla-middle-click-information-disclosure(19171) CONFIRM http://www.mozilla.org/security/announce/mfsa2005-08.html BID 12407 REDHAT RHSA-2005:384 Firefox before 1.0 and Mozilla before 1.7.5 allow remote attackers to obtain sensitive data from the clipboard via Javascript that generates a middle-click event on systems for which a middle-click performs a paste operation. cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:mozilla:1.7.3 CVE-2005-0147 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:34.747-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T12:22:00.000-04:00 ALLOWS_OTHER_ACCESS XF mozilla-407-proxy-obtain-information(19174) REDHAT RHSA-2005:323 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=267263 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-09.html BID 12407 Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials. cpe:/a:mozilla:thunderbird:0.8 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.6 CVE-2005-0148 2005-05-02T00:00:00.000-04:00 2008-09-10T15:35:02.867-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:47:00.000-04:00 XF thunderbird-javascript-handler-launch(19173) CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=263546 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-10.html BID 12407 Thunderbird before 0.9, when running on Windows systems, uses the default handler when processing javascript: links, which invokes Internet Explorer and may expose the Thunderbird user to vulnerabilities in the version of Internet Explorer that is installed on the user's system. NOTE: since the invocation between multiple products is a common practice, and the vulnerabilities inherent in multi-product interactions are not easily enumerable, this issue might be REJECTED in the future. cpe:/a:mozilla:mozilla:1.7:alpha cpe:/a:mozilla:mozilla:1.7:rc3 cpe:/a:mozilla:mozilla:1.7.2 cpe:/a:mozilla:mozilla:1.7:rc1 cpe:/a:mozilla:mozilla:1.7 cpe:/a:mozilla:thunderbird:0.7.2 cpe:/a:mozilla:thunderbird:0.7 cpe:/a:mozilla:thunderbird:0.7.1 cpe:/a:mozilla:mozilla:1.7:beta cpe:/a:mozilla:thunderbird:0.9 cpe:/a:mozilla:mozilla:1.7.3 cpe:/a:mozilla:mozilla:1.7.1 cpe:/a:mozilla:thunderbird:0.6 cpe:/a:mozilla:thunderbird:0.7.3 cpe:/a:mozilla:mozilla:1.7:rc2 CVE-2005-0149 2005-02-15T00:00:00.000-05:00 2011-03-07T21:19:36.000-05:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:36:00.000-04:00 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=268107 XF mozilla-cookie-policy-bypass(19172) REDHAT RHSA-2005:335 REDHAT RHSA-2005:323 REDHAT RHSA-2005:094 CONFIRM http://www.mozilla.org/security/announce/mfsa2005-11.html SUSE SUSE-SA:2006:004 BID 12407 SUSE SUSE-SA:2006:004 SECUNIA 19823 Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remote attackers bypass the user's intended privacy and security policy by using cookies in e-mail messages. cpe:/a:mozilla:firefox:0.10.1 cpe:/a:mozilla:firefox:0.9 cpe:/a:mozilla:firefox:0.8 cpe:/a:mozilla:firefox:0.9.2 cpe:/a:mozilla:firefox:0.9.1 cpe:/a:mozilla:firefox:1.0 cpe:/a:mozilla:firefox:0.9.3 cpe:/a:mozilla:firefox:0.10 cpe:/a:mozilla:firefox:0.9:rc CVE-2005-0150 2005-05-26T00:00:00.000-04:00 2008-09-10T15:35:03.007-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T12:44:00.000-04:00 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=265668 XF mozilla-firefox-livefeed-xss(19187) CONFIRM http://www.mozilla.org/security/announce/mfsa2005-12.html BID 12407 Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later accesses the bookmark, which could allow remote attackers to execute arbitrary code. cpe:/a:adobe:creative_suite:1.0 cpe:/a:adobe:photoshop:8.0 cpe:/a:adobe:premiere:1.5::pro CVE-2005-0151 2005-06-13T00:00:00.000-04:00 2008-09-05T16:45:27.607-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-13T09:49:00.000-04:00 ALLOWS_OTHER_ACCESS CONFIRM http://www.adobe.com/support/techdocs/331688.html SECTRACK 1014170 SECTRACK 1014169 SECTRACK 1014168 Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. cpe:/a:squirrelmail:squirrelmail:1.2.6 CVE-2005-0152 2005-02-02T00:00:00.000-05:00 2008-09-05T16:45:27.760-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T12:50:00.000-04:00 ALLOWS_OTHER_ACCESS CERT-VN VU#203214 DEBIAN DSA-662 SECUNIA 14096 PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows remote attackers to execute arbitrary code via "URL manipulation." cpe:/a:larry_wall:perl:5.8.0 CVE-2005-0155 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:35.593-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T12:59:00.000-04:00 XF perl-perliodebug-file-overwrite(19207) TRUSTIX 2005-0003 BID 12426 REDHAT RHSA-2005:105 REDHAT RHSA-2005:103 GENTOO GLSA-200502-13 FULLDISC 20050207 DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation' BUGTRAQ 20050202 [USN-72-1] Perl vulnerabilities MISC http://www.digitalmunition.com/DMA[2005-0131a].txt MANDRAKE MDKSA-2005:031 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-163.htm SECUNIA 21646 SECUNIA 14120 FEDORA FLSA-2006:152845 CONECTIVA CLSA-2006:1056 The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable. cpe:/o:trustix:secure_linux:1.5 cpe:/a:larry_wall:perl:5.8.4.5 cpe:/o:trustix:secure_linux:2.2 cpe:/o:redhat:enterprise_linux:3.0::advanced_server cpe:/a:larry_wall:perl:5.8.4 cpe:/o:suse:suse_linux:8.1 cpe:/a:sgi:propack:3.0 cpe:/a:larry_wall:perl:5.8.4.2 cpe:/a:larry_wall:perl:5.8.4.3 cpe:/o:suse:suse_linux:9.2 cpe:/o:redhat:enterprise_linux:3.0::workstation_server cpe:/o:redhat:fedora_core:core_3.0 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:suse:suse_linux:9.1 cpe:/a:larry_wall:perl:5.8.3 cpe:/o:ibm:aix:5.3 cpe:/o:trustix:secure_linux:2.0 cpe:/a:larry_wall:perl:5.8.4.1 cpe:/o:suse:suse_linux:8.0 cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:trustix:secure_linux:2.1 cpe:/a:larry_wall:perl:5.8.0 cpe:/a:larry_wall:perl:5.8.1 cpe:/o:suse:suse_linux:8.0::i386 cpe:/a:larry_wall:perl:5.8.4.4 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/o:suse:suse_linux:9.0 cpe:/o:suse:suse_linux:8.2 cpe:/o:ubuntu:ubuntu_linux:4.1::ia64 cpe:/o:ibm:aix:5.2 cpe:/a:larry_wall:perl:5.8.4.2.3 cpe:/o:ubuntu:ubuntu_linux:4.1::ppc CVE-2005-0156 2005-02-07T00:00:00.000-05:00 2010-08-21T00:25:35.717-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T13:02:00.000-04:00 XF perl-perliodebug-bo(19208) TRUSTIX 2005-0003 BID 12426 REDHAT RHSA-2005:105 REDHAT RHSA-2005:103 GENTOO GLSA-200502-13 MISC http://www.digitalmunition.com/DMA[2005-0131b].txt FULLDISC 20050207 DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG BUGTRAQ 20050202 [USN-72-1] Perl vulnerabilities MANDRAKE MDKSA-2005:031 SECUNIA 14120 FEDORA FLSA-2006:152845 CONECTIVA CLSA-2006:1056 Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. cpe:/a:smartlist:smartlist:3.15 CVE-2005-0157 2005-05-03T00:00:00.000-04:00 2008-09-10T15:35:03.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-12T15:53:00.000-04:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-720 The confirm add-on in SmartList 3.15 and earlier allows attackers to subscribe arbitrary e-mail addresses by using a valid cookie that specifies an address other than the address for which the cookie was assigned. cpe:/a:bidwatcher:bidwatcher:1.3.8 cpe:/a:bidwatcher:bidwatcher:1.3.2 cpe:/a:bidwatcher:bidwatcher:1.3.1 cpe:/a:bidwatcher:bidwatcher:1.1.9.2 cpe:/a:bidwatcher:bidwatcher:1.1.2 cpe:/a:bidwatcher:bidwatcher:1.3.10 cpe:/a:bidwatcher:bidwatcher:1.3.9 cpe:/a:bidwatcher:bidwatcher:1.3.14 cpe:/a:bidwatcher:bidwatcher:1.3.6 cpe:/a:bidwatcher:bidwatcher:1.3.12 cpe:/a:bidwatcher:bidwatcher:1.3.11 cpe:/a:bidwatcher:bidwatcher:1.3.3 cpe:/a:bidwatcher:bidwatcher:1.3.13 cpe:/a:bidwatcher:bidwatcher:1.1.9.1 cpe:/a:bidwatcher:bidwatcher:1.0.5 cpe:/a:bidwatcher:bidwatcher:1.2.0 cpe:/a:bidwatcher:bidwatcher:1.3.4 cpe:/a:bidwatcher:bidwatcher:1.3.0_beta cpe:/a:bidwatcher:bidwatcher:1.3.16 cpe:/a:bidwatcher:bidwatcher:1.1.7 cpe:/a:bidwatcher:bidwatcher:1.1.8 cpe:/a:bidwatcher:bidwatcher:1.3.15 cpe:/a:bidwatcher:bidwatcher:1.1.9 cpe:/a:bidwatcher:bidwatcher:1.3.7 cpe:/a:bidwatcher:bidwatcher:1.3.5 CVE-2005-0158 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:28.527-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T13:29:00.000-04:00 GENTOO GLSA-200503-06 DEBIAN DSA-687 Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses. cpe:/o:debian:debian_linux:3.0::hppa cpe:/o:debian:debian_linux:3.0::mips cpe:/o:debian:debian_linux:3.0::ia-32 cpe:/o:debian:debian_linux:3.0::m68k cpe:/o:debian:debian_linux:3.0::s-390 cpe:/a:debian:toolchain-source:3.0.3-1 cpe:/o:debian:debian_linux:3.0::alpha cpe:/o:debian:debian_linux:3.0::arm cpe:/o:debian:debian_linux:3.0::ia-64 cpe:/a:debian:toolchain-source:3.0.3-2 cpe:/a:debian:toolchain-source:3.0.3-3 cpe:/o:debian:debian_linux:3.0::mipsel cpe:/a:debian:toolchain-source:3.0.4 cpe:/o:debian:debian_linux:3.0::sparc cpe:/o:debian:debian_linux:3.0::ppc cpe:/o:debian:debian_linux:3.0 CVE-2005-0159 2005-04-27T00:00:00.000-04:00 2008-09-05T16:45:28.747-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 12540 DEBIAN DSA-679 XF toolchain-source-symlink(19317) SECUNIA 14277 The tpkg-* scripts in the toolchain-source 3.0.4 package on Debian GNU/Linux 3.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:e-merge:unace:1.2b CVE-2005-0160 2005-02-22T00:00:00.000-05:00 2008-09-05T16:45:28.947-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T13:08:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#215006 SUSE SUSE-SR:2005:016 SECUNIA 14359 FULLDISC 20050222 unace-1.2b multiple buffer overflows and directory traversal bugs BID 12630 Multiple buffer overflows in unace 1.2b allow attackers to execute arbitrary code via (1) 2 overflows in ACE archives, (2) a long command line argument, or (3) certain "Ready for next volume" messages. cpe:/a:e-merge:unace:1.2b CVE-2005-0161 2005-02-22T00:00:00.000-05:00 2008-09-05T16:45:29.103-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T13:10:00.000-04:00 SUSE SUSE-SR:2005:016 SECUNIA 14359 FULLDISC 20050222 unace-1.2b multiple buffer overflows and directory traversal bugs BID 12628 Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequences or (2) absolute pathnames. cpe:/a:openswan:openswan:2.3.0 cpe:/a:openswan:openswan:1.0.9 CVE-2005-0162 2005-01-26T00:00:00.000-05:00 2008-09-05T16:45:29.260-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T13:21:00.000-04:00 ALLOWS_ADMIN_ACCESS XF openswan-xauth-pam-bo(19078) CONFIRM http://www.openswan.org/support/vuln/IDEF0785/ IDEFENSE 20050126 Openswan XAUTH/PAM Buffer Overflow Vulnerability BID 12377 FEDORA FEDORA-2005-082 OSVDB 13195 SECTRACK 1013014 SECUNIA 14062 SECUNIA 14038 Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. cpe:/a:squid:squid:2.1.patch2 cpe:/a:squid:squid:2.2.stable5 cpe:/a:squid:squid:2.1.release cpe:/a:squid:squid:2.3.stable3 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.2.stable1 cpe:/a:squid:squid:2.4.stable2 cpe:/a:squid:squid:2.3.stable2 cpe:/a:squid:squid:2.2.stable2 cpe:/a:squid:squid:2.4.stable4 cpe:/a:squid:squid:2.2.pre2 cpe:/a:squid:squid:2.4.stable7 cpe:/a:squid:squid:2.3.stable4 cpe:/a:squid:squid:2.3.devel3 cpe:/a:squid:squid:2.1.pre4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.0.patch2 cpe:/a:squid:squid:2.2.devel4 cpe:/a:squid:squid:2.0.release cpe:/a:squid:squid:2.2.stable4 cpe:/a:squid:squid:2.4.stable3 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.1.pre3 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.0.patch1 cpe:/a:squid:squid:2.1.patch1 cpe:/a:squid:squid:2.2.stable3 cpe:/a:squid:squid:2.2.pre1 cpe:/a:squid:squid:2.4.stable6 cpe:/a:squid:squid:2.3.stable5 cpe:/a:squid:squid:2.0.pre1 cpe:/a:squid:squid:2.1.pre1 cpe:/a:squid:squid:2.2.devel3 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.3.devel2 cpe:/a:squid:squid:2.4.stable1 cpe:/a:squid:squid:2.3.stable1 CVE-2005-0173 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:36.357-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T14:31:00.000-04:00 ALLOWS_OTHER_ACCESS CERT-VN VU#924198 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-ldap_spaces.patch CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-ldap_spaces REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 DEBIAN DSA-667 BUGTRAQ 20050207 [USN-77-1] Squid vulnerabilities CONECTIVA CLA-2005:923 CONFIRM http://www.squid-cache.org/bugs/show_bug.cgi?id=1187 BID 12431 MANDRAKE MDKSA-2005:034 FEDORA FLSA-2006:152809 squid_ldap_auth in Squid 2.5 and earlier allows remote authenticated users to bypass username-based Access Control Lists (ACLs) via a username with a space at the beginning or end, which is ignored by the LDAP server. cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.5.stable7 CVE-2005-0174 2005-02-07T00:00:00.000-05:00 2010-08-21T00:25:36.513-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T13:30:00.000-04:00 CERT-VN VU#768702 REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-header_parsing FEDORA FEDORA-2005-373 SUSE SUSE-SA:2005:006 BUGTRAQ 20050207 [USN-77-1] Squid vulnerabilities CONECTIVA CLA-2005:931 BID 12412 MANDRAKE MDKSA-2005:034 FEDORA FLSA-2006:152809 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specification, including (1) multiple Content-Length headers, (2) carriage return (CR) characters that are not part of a CRLF pair, and (3) header names containing whitespace characters. cpe:/a:squid:squid:2.5_.stable6 cpe:/a:squid:squid:2.5.6 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.5_.stable3 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.5_.stable1 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.5_stable3 cpe:/a:squid:squid:2.5_stable9 cpe:/a:squid:squid:2.5_.stable4 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.5_.stable5 cpe:/a:squid:squid:2.5_stable4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.5.stable7 CVE-2005-0175 2005-02-07T00:00:00.000-05:00 2010-08-21T00:25:36.637-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T13:42:00.000-04:00 CERT-VN VU#625878 REDHAT RHSA-2005:061 REDHAT RHSA-2005:060 SUSE SUSE-SA:2005:006 DEBIAN DSA-667 BUGTRAQ 20050207 [USN-77-1] Squid vulnerabilities CONECTIVA CLA-2005:931 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-response_splitting CONFIRM http://www.squid-cache.org/Advisories/SQUID-2005_5.txt FEDORA FEDORA-2005-373 BID 12433 MANDRAKE MDKSA-2005:034 FEDORA FLSA-2006:152809 Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack. cpe:/o:linux:linux_kernel:2.6.9:2.6.20 CVE-2005-0176 2005-02-15T00:00:00.000-05:00 2010-08-21T00:25:36.763-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T13:52:00.000-04:00 REDHAT RHSA-2005:092 BUGTRAQ 20050215 [USN-82-1] Linux kernel vulnerabilities CONECTIVA CLA-2005:930 BID 12598 REDHAT RHSA-2005:472 SECUNIA 19607 SGI 20060402-01-U The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released. cpe:/o:linux:linux_kernel:2.6.8.1 CVE-2005-0177 2005-03-07T00:00:00.000-05:00 2010-08-21T00:25:36.903-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2005-06-03T13:58:00.000-04:00 REDHAT RHSA-2005:092 CONFIRM http://linux.bkbits.net:8080/linux-2.6/cset@41e2bfbeOiXFga62XrBhzm7Kv9QDmQ CONECTIVA CLA-2005:930 BID 12598 BUGTRAQ 20050215 [USN-82-1] Linux kernel vulnerabilities nls_ascii.c in Linux before 2.6.8.1 uses an incorrect table size, which allows attackers to cause a denial of service (kernel crash) via a buffer overflow. cpe:/o:linux:linux_kernel:2.5.42 cpe:/o:linux:linux_kernel:2.0.28 cpe:/o:linux:linux_kernel:2.0.31 cpe:/o:linux:linux_kernel:2.3.99:pre6 cpe:/o:linux:linux_kernel:2.5.35 cpe:/o:linux:linux_kernel:2.0.13 cpe:/o:linux:linux_kernel:2.3.99:pre3 cpe:/o:linux:linux_kernel:2.0.4 cpe:/o:linux:linux_kernel:2.6.11.6 cpe:/o:linux:linux_kernel:2.5.66 cpe:/o:linux:linux_kernel:2.0.12 cpe:/o:linux:linux_kernel:2.5.58 cpe:/o:linux:linux_kernel:2.0.33 cpe:/o:linux:linux_kernel:2.2.3 cpe:/o:linux:linux_kernel:2.5.26 cpe:/o:linux:linux_kernel:2.2.10 cpe:/o:linux:linux_kernel:2.6.11 cpe:/o:linux:linux_kernel:2.6.0:test11 cpe:/o:linux:linux_kernel:2.2.14 cpe:/o:linux:linux_kernel:2.5.4 cpe:/o:linux:linux_kernel:2.3.99 cpe:/o:linux:linux_kernel:2.5.20 cpe:/o:linux:linux_kernel:2.5.56 cpe:/o:linux:linux_kernel:2.3.99:pre4 cpe:/o:linux:linux_kernel:2.4.29:rc2 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.5.65 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.6.11.3 cpe:/o:linux:linux_kernel:2.2.7 cpe:/o:linux:linux_kernel:2.5.0 cpe:/o:linux:linux_kernel:2.0.18 cpe:/o:linux:linux_kernel:2.0.30 cpe:/o:linux:linux_kernel:2.0.14 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.23_ow2 cpe:/o:linux:linux_kernel:2.2.18 cpe:/o:linux:linux_kernel:2.6.12:rc4 cpe:/o:linux:linux_kernel:2.5.57 cpe:/o:linux:linux_kernel:2.1.89 cpe:/o:linux:linux_kernel:2.2.2 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.0 cpe:/o:linux:linux_kernel:2.0.9 cpe:/o:linux:linux_kernel:2.5.63 cpe:/o:linux:linux_kernel:2.6.8:rc3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.5.28 cpe:/o:linux:linux_kernel:2.5.62 cpe:/o:linux:linux_kernel:2.0.8 cpe:/o:linux:linux_kernel:2.0.10 cpe:/o:linux:linux_kernel:2.5.49 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.6.1:rc1 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.27:pre4 cpe:/o:linux:linux_kernel:2.2.1 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.5.3 cpe:/o:linux:linux_kernel:2.5.46 cpe:/o:linux:linux_kernel:2.3.99:pre5 cpe:/o:linux:linux_kernel:2.6.0:test8 cpe:/o:linux:linux_kernel:2.0.35 cpe:/o:linux:linux_kernel:2.0.36 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.30:rc3 cpe:/o:linux:linux_kernel:2.6.0:test10 cpe:/o:linux:linux_kernel:2.2.11 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.5.60 cpe:/o:linux:linux_kernel:2.0.3 cpe:/o:linux:linux_kernel:2.5.44 cpe:/o:linux:linux_kernel:2.4.3:pre3 cpe:/o:linux:linux_kernel:2.5.59 cpe:/a:netkit:linux_netkit:0.17 cpe:/o:linux:linux_kernel:2.5.9 cpe:/o:linux:linux_kernel:2.5.6 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.5.22 cpe:/o:linux:linux_kernel:2.5.14 cpe:/o:linux:linux_kernel:2.5.24 cpe:/o:linux:linux_kernel:2.3.99:pre2 cpe:/o:linux:linux_kernel:2.0.27 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.6.0:test5 cpe:/o:linux:linux_kernel:2.2.25 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.5.2 cpe:/o:linux:linux_kernel:2.6.11:rc3 cpe:/o:linux:linux_kernel:2.5.10 cpe:/o:linux:linux_kernel:2.5.55 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.5.1 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.5.29 cpe:/o:linux:linux_kernel:2.0.24 cpe:/o:linux:linux_kernel:2.6.0:test7 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.5.7 cpe:/o:linux:linux_kernel:2.5.36 cpe:/o:linux:linux_kernel:2.3.0 cpe:/o:linux:linux_kernel:2.0.6 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.5.41 cpe:/a:vserver:linux-vserver:1.20 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.5.13 cpe:/o:linux:linux_kernel:2.2.15:pre16 cpe:/o:linux:linux_kernel:2.4.27:pre1 cpe:/o:linux:linux_kernel:2.5.34 cpe:/o:linux:linux_kernel:2.2.24 cpe:/o:linux:linux_kernel:2.2.9 cpe:/o:linux:linux_kernel:2.2.22 cpe:/o:linux:linux_kernel:2.6.4 cpe:/o:linux:linux_kernel:2.2.15 cpe:/o:linux:linux_kernel:2.5.61 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.5.64 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.5.11 cpe:/o:linux:linux_kernel:2.2.21 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.2.5 cpe:/o:linux:linux_kernel:2.0.26 cpe:/o:linux:linux_kernel:2.6.11.5 cpe:/o:linux:linux_kernel:2.2.8 cpe:/o:linux:linux_kernel:2.5.8 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.0.37 cpe:/a:netkit:linux_netkit:0.17.17 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.0.11 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:linux:linux_kernel:2.0.25 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.4.29 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.5.53 cpe:/o:linux:linux_kernel:2.5.43 cpe:/o:linux:linux_kernel:2.0.16 cpe:/o:linux:linux_kernel:2.5.51 cpe:/o:linux:linux_kernel:2.6.0:test2 cpe:/o:linux:linux_kernel:2.0.2 cpe:/o:linux:linux_kernel:2.0.19 cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.5.54 cpe:/o:linux:linux_kernel:2.0.15 cpe:/o:linux:linux_kernel:2.4.27 cpe:/o:linux:linux_kernel:2.5.27 cpe:/o:linux:linux_kernel:2.0.29 cpe:/o:linux:linux_kernel:2.0.22 cpe:/o:linux:linux_kernel:2.4.24_ow1 cpe:/o:linux:linux_kernel:2.5.15 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.23:pre9 cpe:/o:linux:linux_kernel:2.6.0:test1 cpe:/o:linux:linux_kernel:2.6.0:test6 cpe:/o:linux:linux_kernel:2.2.13 cpe:/a:vserver:linux-vserver:1.21 cpe:/o:linux:linux_kernel:2.2.16 cpe:/o:linux:linux_kernel:2.5.21 cpe:/o:linux:linux_kernel:2.5.69 cpe:/a:vserver:linux-vserver:1.23 cpe:/o:linux:linux_kernel:2.0.7 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.5.40 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.30:rc2 cpe:/o:linux:linux_kernel:2.2.23 cpe:/o:linux:linux_kernel:2.4.30 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.2.16:pre6 cpe:/o:linux:linux_kernel:2.5.30 cpe:/o:linux:linux_kernel:2.4.27:pre2 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.5.16 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.6.12:rc1 cpe:/o:linux:linux_kernel:2.0.21 cpe:/o:linux:linux_kernel:2.2.17 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.6.1:rc2 cpe:/o:linux:linux_kernel:2.4.27:pre5 cpe:/o:linux:linux_kernel:2.6.11.2 cpe:/o:linux:linux_kernel:2.0.38 cpe:/o:linux:linux_kernel:2.0.39 cpe:/o:linux:linux_kernel:2.6.0:test4 cpe:/o:linux:linux_kernel:2.5.47 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/a:vserver:linux-vserver:1.22 cpe:/o:linux:linux_kernel:2.0.1 cpe:/o:linux:linux_kernel:2.4.22 cpe:/o:linux:linux_kernel:2.6.6:rc1 cpe:/o:linux:linux_kernel:2.6.11.4 cpe:/o:linux:linux_kernel:2.3.99:pre1 cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.2.20 cpe:/o:linux:linux_kernel:2.5.39 cpe:/o:linux:linux_kernel:2.4.31:pre1 cpe:/o:linux:linux_kernel:2.5.67 cpe:/o:linux:linux_kernel:2.0.5 cpe:/o:linux:linux_kernel:2.2.0 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.25 cpe:/o:linux:linux_kernel:2.3.99:pre7 cpe:/o:linux:linux_kernel:2.5.18 cpe:/o:linux:linux_kernel:2.6.11:rc2 cpe:/o:linux:linux_kernel:2.1 cpe:/o:linux:linux_kernel:2.5.23 cpe:/o:linux:linux_kernel:2.6.7:rc1 cpe:/o:linux:linux_kernel:2.4.22:pre10 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.2.12 cpe:/o:linux:linux_kernel:2.0.17 cpe:/o:linux:linux_kernel:2.6.0:test9 cpe:/o:linux:linux_kernel:2.5.31 cpe:/o:linux:linux_kernel:2.6.20.1 cpe:/o:linux:linux_kernel:2.0.9.9 cpe:/o:linux:linux_kernel:2.4.28 cpe:/o:linux:linux_kernel:2.5.32 cpe:/o:linux:linux_kernel:2.6.11:rc4 cpe:/o:linux:linux_kernel:2.4.29:rc1 cpe:/o:linux:linux_kernel:2.5.37 cpe:/o:linux:linux_kernel:2.0.20 cpe:/o:linux:linux_kernel:2.4.27:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.5.45 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.5.17 cpe:/o:linux:linux_kernel:2.2.6 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.5.12 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.5.38 cpe:/o:linux:linux_kernel:2.6_test9_cvs cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.5.48 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.6.11.8 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:linux:linux_kernel:2.2.15_pre20 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.5.33 cpe:/o:linux:linux_kernel:2.5.50 cpe:/o:linux:linux_kernel:2.6.8:rc2 cpe:/o:linux:linux_kernel:2.5.19 cpe:/o:linux:linux_kernel:2.2.27:rc2 cpe:/o:linux:linux_kernel:2.6.10:rc2 cpe:/o:linux:linux_kernel:2.0.23 cpe:/o:linux:linux_kernel:2.0.34 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/a:vserver:linux-vserver:1.24 cpe:/o:linux:linux_kernel:2.5.52 cpe:/o:linux:linux_kernel:2.5.68 cpe:/o:linux:linux_kernel:2.2.19 cpe:/o:linux:linux_kernel:2.5.25 cpe:/o:linux:linux_kernel:2.0.32 cpe:/o:linux:linux_kernel:2.6.8:rc1 cpe:/o:linux:linux_kernel:2.5.5 cpe:/o:linux:linux_kernel:2.6.11.7 cpe:/o:linux:linux_kernel:2.6.0:test3 cpe:/o:linux:linux_kernel:2.4.26 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.11.1 cpe:/o:linux:linux_kernel:2.2.4 cpe:/o:linux:linux_kernel:2.4.15 CVE-2005-0178 2005-03-07T00:00:00.000-05:00 2010-08-21T00:25:37.030-04:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T14:09:00.000-04:00 REDHAT RHSA-2005:092 CONFIRM http://linux.bkbits.net:8080/linux-2.6/cset@41ddda70CWJb5nNL71T4MOlG2sMG8A BID 12598 BUGTRAQ 20050215 [USN-82-1] Linux kernel vulnerabilities CONECTIVA CLA-2005:930 Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores. cpe:/o:linux:linux_kernel:2.6.0:test2 cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.4.27 cpe:/o:linux:linux_kernel:2.6.11.6 cpe:/o:linux:linux_kernel:2.4.24_ow1 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.23:pre9 cpe:/o:linux:linux_kernel:2.6.0:test1 cpe:/o:linux:linux_kernel:2.6.11 cpe:/o:linux:linux_kernel:2.6.0:test11 cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.6.0:test6 cpe:/o:linux:linux_kernel:2.4.29:rc2 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.6.11.3 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.23_ow2 cpe:/o:linux:linux_kernel:2.6.12:rc4 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.30:rc2 cpe:/o:linux:linux_kernel:2.4.30 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.4.27:pre2 cpe:/o:linux:linux_kernel:2.6.8:rc3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.6.12:rc1 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.27:pre4 cpe:/o:linux:linux_kernel:2.6.1:rc1 cpe:/o:linux:linux_kernel:2.4.27:pre5 cpe:/o:linux:linux_kernel:2.6.1:rc2 cpe:/o:linux:linux_kernel:2.6.11.2 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.6.0:test4 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.4.22 cpe:/o:linux:linux_kernel:2.6.6:rc1 cpe:/o:linux:linux_kernel:2.6.11.4 cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.6.0:test8 cpe:/o:linux:linux_kernel:2.4.31:pre1 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.30:rc3 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.6.0:test10 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.4.25 cpe:/o:linux:linux_kernel:2.4.3:pre3 cpe:/o:linux:linux_kernel:2.6.11:rc2 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.6.7:rc1 cpe:/o:linux:linux_kernel:2.4.22:pre10 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.6.0:test9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.6.0:test5 cpe:/o:linux:linux_kernel:2.4.28 cpe:/o:linux:linux_kernel:2.6.8.1 cpe:/o:linux:linux_kernel:2.6.11:rc3 cpe:/o:linux:linux_kernel:2.6.11:rc4 cpe:/o:linux:linux_kernel:2.4.29:rc1 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.27:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.6.0:test7 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.6_test9_cvs cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.27:pre1 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.6.11.8 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.6.4 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.6.8:rc2 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.6.11.5 cpe:/o:linux:linux_kernel:2.6.10:rc2 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.6.8:rc1 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.6.11.7 cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:linux:linux_kernel:2.4.26 cpe:/o:linux:linux_kernel:2.6.0:test3 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.11.1 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.4.29 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.15 CVE-2005-0179 2005-03-07T00:00:00.000-05:00 2011-03-07T21:19:37.330-05:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T14:20:00.000-04:00 REDHAT RHSA-2005:092 VUPEN ADV-2005-1878 FULLDISC 20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories CONECTIVA CLA-2005:930 REDHAT RHSA-2005:663 SECUNIA 17002 Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. cpe:/o:linux:linux_kernel:2.6_test9_cvs cpe:/o:linux:linux_kernel:2.6.0:test2 cpe:/o:linux:linux_kernel:2.6.11:rc2 cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.6.7:rc1 cpe:/o:linux:linux_kernel:2.6.11.8 cpe:/o:linux:linux_kernel:2.6.4 cpe:/o:linux:linux_kernel:2.6.0:test9 cpe:/o:linux:linux_kernel:2.6.8:rc3 cpe:/o:linux:linux_kernel:2.6.8:rc2 cpe:/o:linux:linux_kernel:2.6.11.6 cpe:/o:linux:linux_kernel:2.6.0:test5 cpe:/o:linux:linux_kernel:2.6.8.1 cpe:/o:linux:linux_kernel:2.6.11:rc3 cpe:/o:linux:linux_kernel:2.6.11:rc4 cpe:/o:linux:linux_kernel:2.6.0:test1 cpe:/o:linux:linux_kernel:2.6.10:rc2 cpe:/o:linux:linux_kernel:2.6.11.5 cpe:/o:linux:linux_kernel:2.6.12:rc1 cpe:/o:linux:linux_kernel:2.6.11 cpe:/o:linux:linux_kernel:2.6.0:test11 cpe:/o:linux:linux_kernel:2.6.9:2.6.20 cpe:/o:linux:linux_kernel:2.6.1:rc1 cpe:/o:linux:linux_kernel:2.6.0:test7 cpe:/o:linux:linux_kernel:2.6.1:rc2 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.6.11.2 cpe:/o:linux:linux_kernel:2.6.0:test6 cpe:/o:linux:linux_kernel:2.6.0:test4 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.6.8:rc1 cpe:/o:linux:linux_kernel:2.6.6:rc1 cpe:/o:linux:linux_kernel:2.6.11.4 cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.6.11.7 cpe:/o:linux:linux_kernel:2.6.0:test8 cpe:/o:linux:linux_kernel:2.6.10 cpe:/o:linux:linux_kernel:2.6.0:test3 cpe:/o:linux:linux_kernel:2.6.11.3 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:linux:linux_kernel:2.6.0:test10 cpe:/o:linux:linux_kernel:2.6.11.1 cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.6.12:rc4 CVE-2005-0180 2005-03-07T00:00:00.000-05:00 2011-03-07T21:19:37.423-05:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2005-06-03T14:29:00.000-04:00 REDHAT RHSA-2005:092 MANDRAKE MDKSA-2005:219 FULLDISC 20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories CONECTIVA CLA-2005:930 BID 12198 BUGTRAQ 20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories MANDRAKE MDKSA-2005:219 MANDRAKE MDKSA-2005:218 SECUNIA 17826 Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions. cpe:/a:mod_dosevasive:mod_dosevasive:1.8 cpe:/a:mod_dosevasive:mod_dosevasive:1.9 CVE-2005-0182 2005-01-06T00:00:00.000-05:00 2008-09-05T16:45:31.963-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T14:32:00.000-04:00 XF moddosevasive-symlink(18765) BID 12181 MISC http://security.lss.hr/index.php?page=details&ID=LSS-2005-01-01 BUGTRAQ 20050111 Mod_dosevasive symlink and race vulnerability SECUNIA 13725 The mod_dosevasive module 1.9 and earlier for Apache creates temporary files with predictable filenames, which could allow remote attackers to overwrite arbitrary files via a symlink attack. cpe:/a:squirrelmail:vacation_plugin:0.15 CVE-2005-0183 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:32.120-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T14:34:00.000-04:00 ALLOWS_ADMIN_ACCESS XF vacation-ftpfile-command-execution(18855) MISC http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-03 BUGTRAQ 20050111 Squirrelmail vacation v0.15 local root exploit CONFIRM http://www.squirrelmail.org/plugin_view.php?id=51 BID 12222 SECTRACK 1012866 SECUNIA 13791 ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to execute arbitrary commands via shell metacharacters in a command line argument. CVE-2005-0184 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:32.293-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T14:34:00.000-04:00 XF vacation-ftpfile-directory-traversal(18856) MISC http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-03 BUGTRAQ 20050111 Squirrelmail vacation v0.15 local root exploit CONFIRM http://www.squirrelmail.org/plugin_view.php?id=51 BID 12222 SECTRACK 1012866 SECUNIA 13791 Directory traversal vulnerability in ftpfile in the Vacation plugin 0.15 and earlier for Squirrelmail allows local users to read arbitrary files via a .. (dot dot) in a get request. cpe:/a:mnet_soft_factory:nodemanager_professional:2.00 CVE-2005-0185 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:32.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T14:39:00.000-04:00 ALLOWS_USER_ACCESS XF nodemanager-linkdown-bo(18937) MISC http://www.security.org.sg/vuln/nodemanager200.html SECUNIA 13881 BUGTRAQ 20050117 [SIG^2 G-TEC] NodeManager Professional V2.00 Buffer Overflow Vulnerability BID 12283 SECTRACK 1012915 Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field. cpe:/o:cisco:ios:12.1yd cpe:/o:cisco:ios:12.3t cpe:/o:cisco:ios:12.2t cpe:/o:cisco:ios:12.3 CVE-2005-0186 2005-01-19T00:00:00.000-05:00 2009-03-04T00:29:26.593-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T14:42:00.000-04:00 XF cisco-ios-sccp-dos(18956) CISCO 20050119 Vulnerability in Cisco IOS Embedded Call Processing Solutions SECTRACK 1012945 SECUNIA 13913 Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port. cpe:/a:athoc:athoc_toolbar CVE-2005-0187 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:32.777-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T14:43:00.000-04:00 ALLOWS_USER_ACCESS XF athoc-toolbar-bo(17627) BID 11341 MISC http://www.ngssoftware.com/advisories/athoc-01full.txt BUGTRAQ 20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c) BUGTRAQ 20041006 Patch available for high risk flaws in the AtHoc Toolbar Stack-based buffer overflow in the SetSkin function in AtHoc toolbar allows remote attackers to execute arbitrary code via a long skin name. cpe:/a:athoc:athoc_toolbar CVE-2005-0188 2004-10-06T00:00:00.000-04:00 2008-09-05T16:45:32.933-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T14:57:00.000-04:00 ALLOWS_USER_ACCESS XF athoc-toolbar-format-string(17628) BID 11341 MISC http://www.ngssoftware.com/advisories/athoc-01full.txt BUGTRAQ 20050119 Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c) BUGTRAQ 20041006 Patch available for high risk flaws in the AtHoc Toolbar Format string vulnerability in the SetBaseURL function in AtHoc toolbar allows remote attackers to execute arbitrary code via format string specifiers in an invalid URL that is recorded in the debug log. cpe:/a:realnetworks:realone_player:1.0 cpe:/a:realnetworks:realplayer:10.0::german cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realplayer:10.5 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta cpe:/a:realnetworks:realplayer:10.0_beta cpe:/a:realnetworks:realplayer:10.0:::english cpe:/a:realnetworks:realplayer:10.0_6.0.12.690 cpe:/a:realnetworks:realplayer:10.0:::japanese CVE-2005-0189 2004-10-06T00:00:00.000-04:00 2011-03-07T21:19:38.127-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T15:10:00.000-04:00 ALLOWS_USER_ACCESS CERT-VN VU#698390 BID 12311 MISC http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) NTBUGTRAQ 20050119 RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Stack-based buffer overflow in the HandleAction function in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to execute arbitrary code via a long ShowPreferences argument. cpe:/a:realnetworks:realone_player:1.0 cpe:/a:realnetworks:realplayer:10.0::german cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realplayer:10.5 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta cpe:/a:realnetworks:realplayer:10.0_beta cpe:/a:realnetworks:realplayer:10.0:::english cpe:/a:realnetworks:realplayer:10.0_6.0.12.690 cpe:/a:realnetworks:realplayer:10.0:::japanese CVE-2005-0190 2004-09-29T00:00:00.000-04:00 2011-03-07T21:19:38.220-05:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-03T15:35:00.000-04:00 XF realplayer-media-file-deletion(17551) BID 11308 MISC http://www.ngssoftware.com/advisories/real-02full.txt CONFIRM http://service.real.com/help/faq/security/040928_player/EN/ SECUNIA 12672 BUGTRAQ 20050119 RealPlayer Arbitrary File Deletion Vulnerability (#NISR19012005f) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Directory traversal vulnerability in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to delete arbitrary files via a Real Metadata Packages (RMP) file with a FILENAME tag containing .. (dot dot) sequences in a filename that ends with a ? (question mark) and an allowed file extension (e.g. .mp3), which bypasses the check for the file extension. cpe:/a:realnetworks:realone_player:1.0 cpe:/a:realnetworks:realplayer:10.0::german cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realplayer:10.5 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta cpe:/a:realnetworks:realplayer:10.0_beta cpe:/a:realnetworks:realplayer:10.0:::english cpe:/a:realnetworks:realplayer:10.0_6.0.12.690 cpe:/a:realnetworks:realplayer:10.0:::japanese CVE-2005-0191 2005-01-19T00:00:00.000-05:00 2011-03-07T21:19:38.297-05:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T15:46:00.000-04:00 ALLOWS_USER_ACCESS XF realplayer-long-filename-offbyone-bo(18982) MISC http://www.ngssoftware.com/advisories/real-03full.txt CONFIRM http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Off-by-one buffer overflow in the processing of tags in Real Metadata Package (RMP) files in RealPlayer 10.5 (6.0.12.1040) and earlier could allow remote attackers to execute arbitrary code via a long tag. cpe:/a:realnetworks:realone_player:1.0 cpe:/a:realnetworks:realplayer:10.0::german cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realplayer:10.5 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1040 cpe:/a:realnetworks:realplayer:10.5_6.0.12.1016_beta cpe:/a:realnetworks:realplayer:10.0_beta cpe:/a:realnetworks:realplayer:10.0:::english cpe:/a:realnetworks:realplayer:10.0_6.0.12.690 cpe:/a:realnetworks:realplayer:10.0:::japanese CVE-2005-0192 2004-10-06T00:00:00.000-04:00 2011-03-07T21:19:38.393-05:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-03T15:48:00.000-04:00 XF realplayer-rjs-filenane-directory-traversal(18984) MISC http://www.ngssoftware.com/advisories/real-03full.txt MISC http://service.real.com/help/faq/security/040928_player/EN/ BUGTRAQ 20050119 RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) BUGTRAQ 20041006 Patch available for multiple high risk vulnerabilities in RealPlayer Directory traversal vulnerability in the parsing of Skin file names in RealPlayer 10.5 (6.0.12.1040) and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an RJS filename. cpe:/a:isync:mrouter:1.5 CVE-2005-0193 2005-01-22T00:00:00.000-05:00 2008-09-05T16:45:33.807-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T15:52:00.000-04:00 ALLOWS_ADMIN_ACCESS XF isync-mrouter-bo(19011) BUGTRAQ 20050122 Mac OS X 10.3 iSync Privilege Escalation APPLE APPLE-SA-2005-04-19 BID 12334 SECTRACK 1012974 SECUNIA 13965 Buffer overflow in the (1) -v and (2) -a switches in mRouter in iSync 1.5 in Mac OS X 10.3.7 and earlier allows local users to execute arbitrary code. cpe:/a:squid:squid:2.1.patch2 cpe:/a:squid:squid:2.2.stable5 cpe:/a:squid:squid:2.1.release cpe:/a:squid:squid:2.3.stable3 cpe:/a:squid:squid:2.5.stable4 cpe:/a:squid:squid:2.2.stable1 cpe:/a:squid:squid:2.4.stable2 cpe:/a:squid:squid:2.3.stable2 cpe:/a:squid:squid:2.2.stable2 cpe:/a:squid:squid:2.4.stable4 cpe:/a:squid:squid:2.2.pre2 cpe:/a:squid:squid:2.4.stable7 cpe:/a:squid:squid:2.3.stable4 cpe:/a:squid:squid:2.3.devel3 cpe:/a:squid:squid:2.1.pre4 cpe:/a:squid:squid:2.5.stable6 cpe:/a:squid:squid:2.0.patch2 cpe:/a:squid:squid:2.2.devel4 cpe:/a:squid:squid:2.0.release cpe:/a:squid:squid:2.2.stable4 cpe:/a:squid:squid:2.4.stable3 cpe:/a:squid:squid:2.5.stable5 cpe:/a:squid:squid:2.5.stable2 cpe:/a:squid:squid:2.1.pre3 cpe:/a:squid:squid:2.5.stable3 cpe:/a:squid:squid:2.0.patch1 cpe:/a:squid:squid:2.1.patch1 cpe:/a:squid:squid:2.2.stable3 cpe:/a:squid:squid:2.2.pre1 cpe:/a:squid:squid:2.4.stable6 cpe:/a:squid:squid:2.3.stable5 cpe:/a:squid:squid:2.0.pre1 cpe:/a:squid:squid:2.1.pre1 cpe:/a:squid:squid:2.2.devel3 cpe:/a:squid:squid:2.5.stable1 cpe:/a:squid:squid:2.3.devel2 cpe:/a:squid:squid:2.4.stable1 cpe:/a:squid:squid:2.3.stable1 CVE-2005-0194 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:33.963-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-06-03T23:48:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#260421 CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/squid-2.5.STABLE7-empty_acls.patch CONFIRM http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE7-empty_acls DEBIAN DSA-667 BUGTRAQ 20050221 [USN-84-1] Squid vulnerabilities CONECTIVA CLA-2005:923 CONFIRM http://www.squid-cache.org/bugs/show_bug.cgi?id=1166 FEDORA FLSA-2006:152809 Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings. cpe:/o:cisco:ios:12.2ewa cpe:/o:cisco:ios:12.2zj cpe:/o:cisco:ios:12.3xz cpe:/o:cisco:ios:12.3xl cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.2yt cpe:/o:cisco:ios:12.3ja cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.2sxa cpe:/o:cisco:ios:12.0sz cpe:/o:cisco:ios:12.2sv cpe:/o:cisco:ios:12.2cz cpe:/o:cisco:ios:12.2bc cpe:/o:cisco:ios:12.2sxd cpe:/o:cisco:ios:12.3b cpe:/o:cisco:ios:12.3xs cpe:/o:cisco:ios:12.2mc cpe:/o:cisco:ios:12.3xt cpe:/o:cisco:ios:12.3xb cpe:/o:cisco:ios:12.2bz cpe:/o:cisco:ios:12.3xq cpe:/o:cisco:ios:12.3xn cpe:/o:cisco:ios:12.2sz cpe:/o:cisco:ios:12.2yz cpe:/o:cisco:ios:12.3j cpe:/o:cisco:ios:12.3xy cpe:/o:cisco:ios:12.3bw cpe:/o:cisco:ios:12.2zg cpe:/o:cisco:ios:12.2zi cpe:/o:cisco:ios:12.2zp cpe:/o:cisco:ios:12.2zn cpe:/o:cisco:ios:12.2su cpe:/o:cisco:ios:12.3ye cpe:/o:cisco:ios:12.2bx cpe:/o:cisco:ios:12.3xc cpe:/o:cisco:ios:12.3 cpe:/o:cisco:ios:12.2se cpe:/o:cisco:ios:12.2b cpe:/o:cisco:ios:12.3xd cpe:/o:cisco:ios:12.2yv cpe:/o:cisco:ios:12.2zl cpe:/o:cisco:ios:12.2ze cpe:/o:cisco:ios:12.3xm cpe:/o:cisco:ios:12.2yu cpe:/o:cisco:ios:12.3xu cpe:/o:cisco:ios:12.3xi cpe:/o:cisco:ios:12.3yg cpe:/o:cisco:ios:12.3xh cpe:/o:cisco:ios:12.3t cpe:/o:cisco:ios:12.3xw cpe:/o:cisco:ios:12.3xa cpe:/o:cisco:ios:12.3xk cpe:/o:cisco:ios:12.3xr cpe:/o:cisco:ios:12.2sxb cpe:/o:cisco:ios:12.2zf cpe:/o:cisco:ios:12.3xf cpe:/o:cisco:ios:12.2sx cpe:/o:cisco:ios:12.2ew cpe:/o:cisco:ios:12.2sw cpe:/o:cisco:ios:12.3yd cpe:/o:cisco:ios:12.2zd cpe:/o:cisco:ios:12.3yh cpe:/o:cisco:ios:12.2zh cpe:/o:cisco:ios:12.3xx cpe:/o:cisco:ios:12.3bc cpe:/o:cisco:ios:12.2zo cpe:/o:cisco:ios:12.3xe cpe:/o:cisco:ios:12.3yf cpe:/o:cisco:ios:12.2zc cpe:/o:cisco:ios:12.2s cpe:/o:cisco:ios:12.3ya cpe:/o:cisco:ios:12.2sy cpe:/o:cisco:ios:12.2jk cpe:/o:cisco:ios:12.3xg cpe:/o:cisco:ios:12.2cx cpe:/o:cisco:ios:12.2t CVE-2005-0195 2005-05-02T00:00:00.000-04:00 2009-03-04T00:29:27.517-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T17:32:00.000-04:00 CERT TA05-026A CERT-VN VU#472582 XF cisco-ios-ipv6-dos(19072) CISCO 20050126 Multiple Crafted IPv6 Packets Cause Reload Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. cpe:/o:cisco:ios:12.1ew cpe:/o:cisco:ios:12.1xv cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.3xl cpe:/o:cisco:ios:12.2xe cpe:/o:cisco:ios:12.2cz cpe:/o:cisco:ios:12.2xh cpe:/o:cisco:ios:12.2zk cpe:/o:cisco:ios:12.2sxd cpe:/o:cisco:ios:12.1xl cpe:/o:cisco:ios:12.1xp cpe:/o:cisco:ios:12.2bw cpe:/o:cisco:ios:12.2yz cpe:/o:cisco:ios:12.2xk cpe:/o:cisco:ios:12.2yr cpe:/o:cisco:ios:12.1xj cpe:/o:cisco:ios:12.2bx cpe:/o:cisco:ios:12.0db cpe:/o:cisco:ios:12.3xc cpe:/o:cisco:ios:12.1xi cpe:/o:cisco:ios:12.3xv cpe:/o:cisco:ios:12.1ya cpe:/o:cisco:ios:12.1ay cpe:/o:cisco:ios:12.2se cpe:/o:cisco:ios:12.1xe cpe:/o:cisco:ios:12.2yu cpe:/o:cisco:ios:12.0xt cpe:/o:cisco:ios:12.3xi cpe:/o:cisco:ios:12.2by cpe:/o:cisco:ios:12.3xh cpe:/o:cisco:ios:12.3xj cpe:/o:cisco:ios:12.2yy cpe:/o:cisco:ios:12.3xk cpe:/o:cisco:ios:12.0dc cpe:/o:cisco:ios:12.1 cpe:/o:cisco:ios:12.2xn cpe:/o:cisco:ios:12.0xb cpe:/o:cisco:ios:12.2yn cpe:/o:cisco:ios:12.0xe cpe:/o:cisco:ios:12.2xj cpe:/o:cisco:ios:12.0xa cpe:/o:cisco:ios:12.2xg cpe:/o:cisco:ios:12.2xu cpe:/o:cisco:ios:12.3xe cpe:/o:cisco:ios:12.3yf cpe:/o:cisco:ios:12.0xc cpe:/o:cisco:ios:12.3ya cpe:/o:cisco:ios:12.2jk cpe:/o:cisco:ios:12.1eo cpe:/o:cisco:ios:12.1yb cpe:/o:cisco:ios:12.1ax cpe:/o:cisco:ios:12.2zj cpe:/o:cisco:ios:12.1ev cpe:/o:cisco:ios:12.2xt cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:12.1yh cpe:/o:cisco:ios:12.2yw cpe:/o:cisco:ios:12.2x cpe:/o:cisco:ios:12.2bc cpe:/o:cisco:ios:12.1xb cpe:/o:cisco:ios:12.1xg cpe:/o:cisco:ios:12.2yh cpe:/o:cisco:ios:12.2 cpe:/o:cisco:ios:12.0xs cpe:/o:cisco:ios:12.3xb cpe:/o:cisco:ios:12.2yg cpe:/o:cisco:ios:12.3bw cpe:/o:cisco:ios:12.2su cpe:/o:cisco:ios:12.0xu cpe:/o:cisco:ios:12.2xc cpe:/o:cisco:ios:12.3xu cpe:/o:cisco:ios:12.0sy cpe:/o:cisco:ios:12.2sxb cpe:/o:cisco:ios:12.1ey cpe:/o:cisco:ios:12.2sx cpe:/o:cisco:ios:12.1aa cpe:/o:cisco:ios:12.2yl cpe:/o:cisco:ios:12.2xs cpe:/o:cisco:ios:12.2dd cpe:/o:cisco:ios:12.0xq cpe:/o:cisco:ios:12.1yf cpe:/o:cisco:ios:12.3yd cpe:/o:cisco:ios:12.0xk cpe:/o:cisco:ios:12.3yj cpe:/o:cisco:ios:12.0da cpe:/o:cisco:ios:12.1ex cpe:/o:cisco:ios:12.2zo cpe:/o:cisco:ios:12.0xh cpe:/o:cisco:ios:12.0xf cpe:/o:cisco:ios:12.1xh cpe:/o:cisco:ios:12.0xn cpe:/o:cisco:ios:12.1dc cpe:/o:cisco:ios:12.1xm cpe:/o:cisco:ios:12.2yo cpe:/o:cisco:ios:12.0sc cpe:/o:cisco:ios:12.2xf cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.0sz cpe:/o:cisco:ios:12.2sxa cpe:/o:cisco:ios:12.2xd cpe:/o:cisco:ios:12.1t cpe:/o:cisco:ios:12.1xf cpe:/o:cisco:ios:12.3yc cpe:/o:cisco:ios:12.2xq cpe:/o:cisco:ios:12.2yx cpe:/o:cisco:ios:12.3b cpe:/o:cisco:ios:12.3xs cpe:/o:cisco:ios:12.1xc cpe:/o:cisco:ios:12.0xg cpe:/o:cisco:ios:12.3yl cpe:/o:cisco:ios:12.0wt cpe:/o:cisco:ios:12.2mc cpe:/o:cisco:ios:12.1xt cpe:/o:cisco:ios:12.2yq cpe:/o:cisco:ios:12.2bz cpe:/o:cisco:ios:12.2sz cpe:/o:cisco:ios:12.2zp cpe:/o:cisco:ios:12.2zn cpe:/o:cisco:ios:12.0w5 cpe:/o:cisco:ios:12.0xm cpe:/o:cisco:ios:12.3ye cpe:/o:cisco:ios:12.2xm cpe:/o:cisco:ios:12.2yv cpe:/o:cisco:ios:12.2zl cpe:/o:cisco:ios:12.3xd cpe:/o:cisco:ios:12.0xl cpe:/o:cisco:ios:12.2ze cpe:/o:cisco:ios:12.1xd cpe:/o:cisco:ios:12.1ea cpe:/o:cisco:ios:12.2mb cpe:/o:cisco:ios:12.3xa cpe:/o:cisco:ios:12.2ye cpe:/o:cisco:ios:12.1da cpe:/o:cisco:ios:12.2zf cpe:/o:cisco:ios:12.1xa cpe:/o:cisco:ios:12.2yp cpe:/o:cisco:ios:12.2xa cpe:/o:cisco:ios:12.2mx cpe:/o:cisco:ios:12.2zh cpe:/o:cisco:ios:12.1xq cpe:/o:cisco:ios:12.3xg cpe:/o:cisco:ios:12.1xr cpe:/o:cisco:ios:12.0xi cpe:/o:cisco:ios:12.2yt cpe:/o:cisco:ios:12.2xb cpe:/o:cisco:ios:12.0xr cpe:/o:cisco:ios:12.2za cpe:/o:cisco:ios:12.2yb cpe:/o:cisco:ios:12.2zm cpe:/o:cisco:ios:12.0xp cpe:/o:cisco:ios:12.2xw cpe:/o:cisco:ios:12.2xi cpe:/o:cisco:ios:12.3xq cpe:/o:cisco:ios:12.2ya cpe:/o:cisco:ios:12.3xn cpe:/o:cisco:ios:12.2da cpe:/o:cisco:ios:12.2zb cpe:/o:cisco:ios:12.0wx cpe:/o:cisco:ios:12.2zg cpe:/o:cisco:ios:12.2ym cpe:/o:cisco:ios:12.2zi cpe:/o:cisco:ios:12.2yf cpe:/o:cisco:ios:12.1xu cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:12.0xj cpe:/o:cisco:ios:12.3 cpe:/o:cisco:ios:12.1yj cpe:/o:cisco:ios:12.2ys cpe:/o:cisco:ios:12.2b cpe:/o:cisco:ios:12.2yj cpe:/o:cisco:ios:12.3t cpe:/o:cisco:ios:12.1yi cpe:/o:cisco:ios:12.3xr cpe:/o:cisco:ios:12.3xf cpe:/o:cisco:ios:12.2ew cpe:/o:cisco:ios:12.2sw cpe:/o:cisco:ios:12.2yc cpe:/o:cisco:ios:12.1db cpe:/o:cisco:ios:12.0xd cpe:/o:cisco:ios:12.1az cpe:/o:cisco:ios:12.2zd cpe:/o:cisco:ios:12.0wc cpe:/o:cisco:ios:12.1ec cpe:/o:cisco:ios:12.3yh cpe:/o:cisco:ios:12.1e cpe:/o:cisco:ios:12.3xx cpe:/o:cisco:ios:12.0sp cpe:/o:cisco:ios:12.0xv cpe:/o:cisco:ios:12.2zc cpe:/o:cisco:ios:12.2s cpe:/o:cisco:ios:12.2xz cpe:/o:cisco:ios:12.2sy cpe:/o:cisco:ios:12.2dx cpe:/o:cisco:ios:12.2yk cpe:/o:cisco:ios:12.2t cpe:/o:cisco:ios:12.2xl CVE-2005-0196 2005-05-02T00:00:00.000-04:00 2009-03-04T00:29:27.717-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-06-03T17:50:00.000-04:00 CERT TA05-026A CERT-VN VU#689326 XF cisco-ios-bgp-packetdos(19074) CISCO 20050126 Cisco IOS Misformed BGP Packet Causes Reload SECTRACK 1013013 SECUNIA 14034 Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. cpe:/o:cisco:ios:12.1t cpe:/o:cisco:ios:12.2 cpe:/o:cisco:ios:12.3t cpe:/o:cisco:ios:12.2t cpe:/o:cisco:ios:12.3 CVE-2005-0197 2005-05-02T00:00:00.000-04:00 2009-03-04T00:29:27.843-05:00 6.1 ADJACENT_NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2005-06-03T17:56:00.000-04:00 CERT TA05-026A CERT-VN VU#583638 XF cisco-ios-mpls-dos(19071) CISCO 20050126 Crafted Packet Causes Reload on Cisco Routers BID 12369 SECTRACK 1013015 SECUNIA 14031 Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. cpe:/a:university_of_washington:uw-imap CVE-2005-0198 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:38.733-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-03T21:08:00.000-04:00 ALLOWS_USER_ACCESS CONFIRM http://www.kb.cert.org/vuls/id/CRDY-68QSL5 CERT-VN VU#702777 REDHAT RHSA-2005:128 GENTOO GLSA-200502-02 BID 12391 MANDRAKE MDKSA-2005:026 SECTRACK 1013037 SECUNIA 14097 SECUNIA 14057 A logic error in the CRAM-MD5 code for the University of Washington IMAP (UW-IMAP) server, when Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5) is enabled, does not properly enforce all the required conditions for successful authentication, which allows remote attackers to authenticate as arbitrary users. cpe:/a:ngircd:ngircd:0.6 cpe:/a:ngircd:ngircd:0.7.6 cpe:/a:ngircd:ngircd:0.7 cpe:/a:ngircd:ngircd:0.7.1 cpe:/a:ngircd:ngircd:0.8 cpe:/a:ngircd:ngircd:0.7.7 cpe:/a:ngircd:ngircd:0.6.1 cpe:/a:ngircd:ngircd:0.7.5 cpe:/a:ngircd:ngircd:0.8.1 CVE-2005-0199 2005-05-02T00:00:00.000-04:00 2008-09-05T16:45:35.527-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-06T08:42:00.000-04:00 ALLOWS_USER_ACCESS XF ngircd-listmakemask-bo(19143) BID 12397 GENTOO GLSA-200501-40 MLIST [ngIRCd-ML] 20050126 ngIRCd 0.8.2 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=79705 SECTRACK 1013047 SECUNIA 14059 SECUNIA 14056 Integer underflow in the Lists_MakeMask() function in lists.c in ngIRCd before 0.8.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long MODE line that causes an incorrect length calculation, which leads to a buffer overflow. cpe:/a:tiki:tikiwiki_cms%2Fgroupware:1.6.1 CVE-2005-0200 2005-05-02T00:00:00.000-04:00 2012-10-24T00:00:00.000-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-06T08:44:00.000-04:00 GENTOO GLSA-200501-41 CONFIRM http://tikiwiki.org/art102 SECUNIA 13948 TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulnerability than CVE-2004-1386. cpe:/a:d-bus:d-bus:0.22 CVE-2005-0201 2005-06-29T00:00:00.000-04:00 2010-08-21T00:25:39.077-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-29T08:34:00.000-04:00 REDHAT RHSA-2005:102 MANDRAKE MDKSA-2005:105 UBUNTU USN-144-1 AUSCERT ESB-2005.0435 BID 12435 SECTRACK 1013075 SECUNIA 15844 SECUNIA 15833 SECUNIA 15638 SECUNIA 14119 D-BUS (dbus) before 0.22 does not properly restrict access to a socket, if the socket address is known, which allows local users to listen or send arbitrary messages on another user's per-user session bus via that socket. cpe:/a:gnu:mailman:2.1.1 cpe:/a:gnu:mailman:2.1.3 cpe:/a:gnu:mailman:2.1.5 cpe:/a:gnu:mailman:2.1.4 cpe:/a:gnu:mailman:2.1 cpe:/a:gnu:mailman:2.1b1 cpe:/a:gnu:mailman:2.1.2 CVE-2005-0202 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:39.217-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-06-06T08:57:00.000-04:00 REDHAT RHSA-2005:137 REDHAT RHSA-2005:136 GENTOO GLSA-200502-11 BUGTRAQ 20050209 [USN-78-1] Mailman vulnerability APPLE APPLE-SA-2005-03-21 DEBIAN DSA-674 FULLDISC 20050209 Administrivia: List Compromised due to Mailman Vulnerability SUSE SUSE-SA:2005:007 MANDRAKE MDKSA-2005:037 SECTRACK 1013145 SECUNIA 14211 Directory traversal vulnerability in the true_path function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences. CVE-2005-0203 2005-06-09T00:00:00.000-04:00 2008-09-10T15:35:06.837-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was initially assigned to a problem that was not a security issue. Notes: none. cpe:/o:linux:linux_kernel:2.6.3 cpe:/o:linux:linux_kernel:2.6.1 cpe:/o:linux:linux_kernel:2.6.8 cpe:/o:linux:linux_kernel:2.6.5 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:linux:linux_kernel:2.6.8.1 cpe:/o:linux:linux_kernel:2.6.7 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.6.6 cpe:/o:linux:linux_kernel:2.6.4 CVE-2005-0204 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:39.357-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-06-06T09:09:00.000-04:00 REDHAT RHSA-2005:092 TRUSTIX 2006-0006 BID 12598 REDHAT RHSA-2005:293 SECUNIA 18784 Linux kernel before 2.6.9, when running on the AMD64 and Intel EM64T architectures, allows local users to write to privileged IO ports via the OUTS instruction. cpe:/o:kde:kde:3.1.5 cpe:/o:kde:kde:3.1.2 cpe:/o:kde:kde:3.1.1 cpe:/o:kde:kde:3.1.4 cpe:/o:kde:kde:3.1 cpe:/o:bernd_wuebben:kppp:2.1.2 cpe:/o:kde:kde:3.1.3 CVE-2005-0205 2005-05-02T00:00:00.000-04:00 2010-08-21T00:25:39.497-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-06-06T09:20:00.000-04:00 ALLOWS_OTHER_ACCESS REDHAT RHSA-2005:175 CONFIRM http://www.kde.org/info/security/advisory-20050228-1.txt IDEFENSE 20050228 KPPP Privileged File Descriptor Leak Vulnerability DEBIAN DSA-692 CONECTIVA CLA-2005:934 KPPP 2.1.2 in KDE 3.1.5 and earlier, when setuid root without certain wrappers, does not properly close a privileged file descriptor for a domain socket, which allows local users to read and write to /etc/hosts and /etc/resolv.conf and gain control over DNS name resolution by opening a number of file descriptors before executing kppp. cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 cpe:/o:kde:kde:3.2 cpe:/a:tetex:tetex:2.0.1 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:suse:suse_linux:4.3 cpe:/a:easy_software_products:cups:1.1.4_5 cpe:/o:sgi:advanced_linux_environment:3.0 cpe:/o:debian:debian_linux:3.0::s-390 cpe:/o:suse:suse_linux:6.4 cpe:/o:kde:kde:3.2.1 cpe:/a:easy_software_products:cups:1.1.16 cpe:/a:easy_software_products:cups:1.1.4_2 cpe:/o:suse:suse_linux:6.3::ppc cpe:/o:suse:suse_linux:4.2 cpe:/o:debian:debian_linux:3.0::hppa cpe:/o:suse:suse_linux:7.1::sparc cpe:/a:gnome:gpdf:0.112 cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:redhat:enterprise_linux:3.0::workstation cpe:/o:kde:kde:3.2.2 cpe:/a:kde:koffice:1.3.1 cpe:/a:gnome:gpdf:0.131 cpe:/a:kde:koffice:1.3_beta2 cpe:/o:suse:suse_linux:3.0 cpe:/a:xpdf:xpdf:1.0a cpe:/o:suse:suse_linux:9.2::x86_64 cpe:/a:pdftohtml:pdftohtml:0.33a cpe:/a:pdftohtml:pdftohtml:0.36 cpe:/a:easy_software_products:cups:1.1.7 cpe:/a:easy_software_products:cups:1.1.20 cpe:/o:suse:suse_linux:7.0 cpe:/o:suse:suse_linux:8.2 cpe:/o:redhat:fedora_core:core_1.0 cpe:/o:suse:suse_linux:5.1 cpe:/o:ubuntu:ubuntu_linux:4.1::ppc cpe:/a:xpdf:xpdf:0.93 cpe:/a:tetex:tetex:2.0 cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/a:kde:koffice:1.3 cpe:/o:suse:suse_linux:8.1 cpe:/a:tetex:tetex:2.0.2 cpe:/o:suse:suse_linux:9.2 cpe:/a:easy_software_products:cups:1.1.14 cpe:/a:xpdf:xpdf:1.0 cpe:/o:kde:kde:3.3.1 cpe:/o:redhat:fedora_core:core_3.0 cpe:/o:suse:suse_linux:2.0 cpe:/a:gnome:gpdf:0.110 cpe:/a:easy_software_products:cups:1.1.1 cpe:/o:suse:suse_linux:4.0 cpe:/o:debian:debian_linux:3.0::ppc cpe:/a:cstex:cstetex:2.0.2 cpe:/a:easy_software_products:cups:1.1.6 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/a:easy_software_products:cups:1.1.12 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64 cpe:/a:tetex:tetex:1.0.7 cpe:/o:debian:debian_linux:3.0::ia-64 cpe:/o:redhat:enterprise_linux_desktop:3.0 cpe:/a:kde:kpdf:3.2 cpe:/o:redhat:fedora_core:core_2.0 cpe:/a:easy_software_products:cups:1.1.17 cpe:/a:easy_software_products:cups:1.1.19 cpe:/o:suse:suse_linux:5.2 cpe:/a:kde:koffice:1.3.3 cpe:/a:ascii:ptex:3.1.4 cpe:/o:suse:suse_linux:7.1::spa cpe:/o:redhat:linux:9.0::i386 cpe:/o:debian:debian_linux:3.0::mips cpe:/a:xpdf:xpdf:1.1 cpe:/o:suse:suse_linux:6.4::i386 cpe:/a:sgi:propack:3.0 cpe:/o:debian:debian_linux:3.0::alpha cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor cpe:/o:suse:suse_linux:7.0::sparc cpe:/a:easy_software_products:cups:1.1.4_3 cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:suse:suse_linux:1.0 cpe:/o:debian:debian_linux:3.0::mipsel cpe:/o:kde:kde:3.3 cpe:/a:kde:koffice:1.3_beta1 cpe:/o:suse:suse_linux:6.4::ppc cpe:/o:suse:suse_linux:4.4 cpe:/a:pdftohtml:pdftohtml:0.32b cpe:/o:suse:suse_linux:5.3 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:linux_advanced_workstation:2.1::ia64 cpe:/a:xpdf:xpdf:2.0 cpe:/a:kde:koffice:1.3_beta3 cpe:/a:xpdf:xpdf:2.1 cpe:/a:easy_software_products:cups:1.1.18 cpe:/o:suse:suse_linux:8.0::i386 cpe:/o:suse:suse_linux:4.4.1 cpe:/a:easy_software_products:cups:1.1.13 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:suse:suse_linux:9.0 cpe:/a:easy_software_products:cups:1.1.4 cpe:/o:ubuntu:ubuntu_linux:4.1::ia64 cpe:/a:easy_software_products:cups:1.1.10 cpe:/o:suse:suse_linux:7.3::ppc cpe:/o:suse:suse_linux:6.0 cpe:/o:suse:suse_linux:7.0::i386 cpe:/a:xpdf:xpdf:0.91 cpe:/a:tetex:tetex:1.0.6 cpe:/o:kde:kde:3.2.3 cpe:/o:suse:suse_linux:7.3 cpe:/o:debian:debian_linux:3.0::ia-32 cpe:/o:suse:suse_linux:6.3 cpe:/a:kde:koffice:1.3.2 cpe:/o:suse:suse_linux:7.1 cpe:/o:suse:suse_linux:6.4:alpha cpe:/a:easy_software_products:cups:1.1.19_rc5 cpe:/o:debian:debian_linux:3.0::arm cpe:/o:suse:suse_linux:7.0::ppc cpe:/a:xpdf:xpdf:0.90 cpe:/o:suse:suse_linux:7.3::i386 cpe:/o:gentoo:linux cpe:/o:suse:suse_linux:7.0:alpha cpe:/o:suse:suse_linux:6.1:alpha cpe:/o:suse:suse_linux:9.1 cpe:/o:suse:suse_linux:7.2::i386 cpe:/a:easy_software_products:cups:1.1.15 cpe:/a:xpdf:xpdf:3.0 cpe:/a:pdftohtml:pdftohtml:0.33 cpe:/o:suse:suse_linux:9.1::x86_64 cpe:/o:suse:suse_linux:5.0 cpe:/a:easy_software_products:cups:1.0.4 cpe:/o:debian:debian_linux:3.0 cpe:/a:pdftohtml:pdftohtml:0.34 cpe:/o:suse:suse_linux:7.2 cpe:/o:suse:suse_linux:7.1::x86 cpe:/a:easy_software_products:cups:1.0.4_8 cpe:/o:debian:debian_linux:3.0::m68k cpe:/o:suse:suse_linux:9.0::x86_64 cpe:/o:suse:suse_linux:8.0 cpe:/o:suse:suse_linux:6.1 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0 cpe:/o:suse:suse_linux:7.3::sparc cpe:/a:pdftohtml:pdftohtml:0.35 cpe:/o:suse:suse_linux:6.2 cpe:/a:xpdf:xpdf:2.3 cpe:/o:suse:suse_linux:7.1:alpha cpe:/o:debian:debian_linux:3.0::sparc cpe:/o:suse:suse_linux:6.3:alpha cpe:/a:xpdf:xpdf:0.92 cpe:/a:pdftohtml:pdftohtml:0.32a CVE-2005-0206 2005-04-27T00:00:00.000-04:00 2010-08-21T00:25:39.623-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 11501 REDHAT RHSA-2005:213 XF xpdf-pdf-bo(17818) REDHAT RHSA-2005:132 REDHAT RHSA-2005:057 REDHAT RHSA-2005:053 REDHAT RHSA-2005:034 MANDRAKE MDKSA-2005:056 MANDRAKE MDKSA-2005:052 MANDRAKE MDKSA-2005:044 MANDRAKE MDKSA-2005:043 MANDRAKE MDKSA-2005:042 MANDRAKE MDKSA-2005:041 The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.