See also the NIST Compujter Security Division's ICAT vulnerability database that is now free for commercial and public use and may be downloaded as a Microsoft Access database. The ICAT database includes mappings to the CVE vulnerability enumeration database at http://cve.mitre.org/.
Don't count on this list to provide pointers to all known vulnerabilities. I do not usually list vulnerabilities due to add-on programs like wu-ftpd, pro-ftpd, etc. I've tried to collect and arrange pointers to various advisories where applicable. Since summer 1997, I have also been including references to FreeBSD, Sun, and SGI advisories, as those are easily available on the Internet (a Bronx cheer to HP, which hides their security information behind an absolutely ridiculous WWW interface that requires registration and a first-born son before allowing access).
Concerned UNIX administrators are well advised to check CERT, CIAC, bugtraq archives and any available security resources for their particular operating system.
Note that not all
Please report mistakes or send suggestions to Guy Helmer. Use in good health, and may your systems be secure!
| Systems | Problem Description | Related Bulletins | CVE | |
|---|---|---|---|---|
| Redhat Enterprise Linux 2.1 | The rhn_register and up2date packages contain an update for the RHNS-CA-CERT CA certificate file. The existing CA expires in August 2003. |
Red Hat Linux Security Advisory RHSA-2003:177-01 (up2date) |
None | |
| Caldera OpenLinux 3.1.1 | The kernel unexpectedly opens TCP connections when a TCP packet that has both the SYN and FIN flags set is received. This combination of flags may allow an attacker to circumvent a firewall and open a connection that was not supposed to be allowed. |
Caldera
Security Advisory CSSA-2003-019.0 (tcp_sec) |
None | |
| Debian 3.0; Mandrake Linux 8.2-9.1; Redhat Linux 7.1-9.0 | The unzip program allows maliciously-created zip archives to overwrite arbitrary files during extraction. |
Debian Security
Advisory DSA-344-2 8 July 2003 (unzip)
MandrakeSoft
Security Advisory MDKSA-2003:073: unzip Red Hat Linux Security Advisory RHSA-2003:199-01 (unzip) |
CAN-2003-0282 | |
| Debian 3.0 | The teapop POP-3 server does not properly escape strings before using them in PostgreSQL or MySQL database queries, which could be exploited to execute arbitrary SQL commands. |
Debian Security
Advisory DSA-347-1 08 July 2003 (teapop) |
CAN-2003-0515 | |
| Debian 3.0 | The phpsysinfo system status information program contains vulnerabilities that allow arbitrary local files to be read or PHP scripts to be executed. |
Debian Security
Advisory DSA-346-1 08 July 2003 (phpsysinfo) |
CAN-2003-0536 | |
| Debian 3.0 | The xbl game contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-345-1 08 July 2003 (xbl) |
CAN-2003-0535 | |
| Debian 3.0 | The mozart development platform for the Oz language specifies MIME application data that causes Oz applications to be automatically executed when downloaded by a browser or other program that honors the mailcap configuration. |
Debian Security
Advisory DSA-342-1 07 July 2003 (mozart) |
None | |
| Debian 3.0 | The mantis PHP/MySQL web based bug tracking system stores its password in a world-readable configuration file, which would allow local attackers access to the database. |
Debian Security
Advisory DSA-335-1 28 June 2003 (mantis) |
None | |
| Debian 2.2-3.0 | The xgalaga game contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-334-1 28 June 2003 (xgalaga) |
CAN-2003-0454 | |
| Debian 2.2-3.0 | The acm aerial combat simulation game contains an integer overflow vulnerability that remote attackers may exploit to execute arbitrary code. |
Debian Security
Advisory DSA-333-1 28 June 2003 (acm) |
CAN-2002-0391 | |
| Debian 2.2-3.0 | The jnethack game contains a buffer overflow vulnerability that may be exploited by local users. |
Debian Security
Advisory DSA-316-3 17 June 2003 (jnethack) |
CAN-2003-0358 CAN-2003-0359 | |
| Debian 2.2-3.0 | The typespeed game's network play mode contains a buffer overflow vulnerability that can allow execution of arbitrary code by a remote attacker. |
Debian Security
Advisory DSA-322-1 16 June 2003 (typespeed) |
CAN-2003-0435 | |
| Debian 2.2-3.0 | The radiusd-cistron server contains a buffer overflow vulnerability that can allow execution of arbitrary code by a remote attacker. |
Debian Security
Advisory DSA-321-1 13 June 2003 (radiusd-cistron) |
None | |
| Debian 2.2-3.0 | The mikmod program is vulnerable to a buffer overflow vulnerability when reading long filenames in archive files. |
Debian Security
Advisory DSA-320-1 13 June 2003 (mikmod) |
CAN-2003-0427 | |
| Debian 2.2-3.0 | The lyskom-server accepts queries from unauthenticated users that can cause a denial of service. |
Debian Security
Advisory DSA-318-1 12 June 2003 (lyskcom-server) |
CAN-2003-0366 | |
| Debian 2.2-3.0 | The xaos fractal image display program is installed setuid root to use svgalib, but can be manipulated by local users to gain root privileges. |
Debian Security
Advisory DSA-310-1 08 June 2003 (xaos) |
None | |
| Debian 3.0 | The gps machine monitoring program contains multiple vulnerabilities which could allow arbitrary code execution by an attacker. |
Debian Security
Advisory DSA-307-1 28 May 2003 (gps) |
None | |
| Debian 2.2-3.0; Mandrake Linux 9.0-9.1 | The BitchX IRC client contains a remotely exploitable denial of service vulnerability that would cause the program to crash. |
Debian Security
Advisory DSA-306-1 19 May 2003 (ircii-pana) MandrakeSoft Security Advisory MDKSA-2003:069: BitchX |
CAN-2003-0334 | |
| Redhat Linux 7.1-7.2 | The KDE SSL implementation in KDE 2.2.2 and earlier allows for a man-in-the-middle attack to be mounted against users of KDE utilities that make use of SSL. |
Red Hat Linux Security Advisory RHSA-2003:192-01 (kde) |
CAN-2003-0370 | |
| Debian 2.2-3.0; Redhat Linux 7.1-9.0 | The lv program reads the file .lv in the current directory. A malicious .lv file can be created and any subsequent user that runs lv in that directory and uses the 'v' command will execute the malicious commands in the .lv file. |
Debian Security
Advisory DSA-304-1 15 May 2003 (mysql) Red Hat Linux Security Advisory RHSA-2003:169-01 (lv) |
CAN-2003-0188 | |
| Redhat Linux 7.1-8.0 | A malformed documentation source file can cause an external program to be executed when viewed by the man program. |
Red Hat Linux Security Advisory RHSA-2003:133-01 (man) |
CAN-2003-0124 | |
| Redhat Linux 7.2-7.3 | The mod_auth_any Web server module improperly verifies or escapes arguments before executing external programs to verify passwords. |
Red Hat Linux Security Advisory RHSA-2003:113-01 (mod_auth_any) |
CAN-2003-0084 | |
| Redhat Linux 8.0 | The XFree86 system software package contains multiple security vulnerabilities. |
Red Hat Linux Security Advisory RHSA-2003:067-01 (XFree86) |
CAN-2001-1409 CAN-2002-1472 CAN-2002-0164 CAN-2003-0063 CAN-2003-0071 | |
| Mandrake Linux 8.2-9.1; Redhat Linux 7.1-9.0 | The kon2 console Kanji emulator contains a buffer overflow vulnerability that may be exploited by local users to gain root privilege. |
MandrakeSoft
Security Advisory MDKSA-2003:064: kon2 Red Hat Linux Security Advisory RHSA-2003:047-01 (kon2) |
CAN-2002-1155 | |
| Mandrake Linux 9.1; Redhat Linux 8.0-9.0 | The Apache web server version 2.0.45 and prior contain two denial of service vulnerabilities. |
MandrakeSoft
Security Advisory MDKSA-2003:063: apache2 Red Hat Linux Security Advisory RHSA-2003:186-01 (Apache) |
CAN-2003-0189 CAN-2003-0245 | |
| Mandrake Linux 8.2-9.1; Redhat Linux 7.3-9.0 | The CUPS printing system contains a denial of service vulnerability in that its IPP TCP port (631) is single-threaded and a malicious user can stop job processing by holding a connection to that port. |
MandrakeSoft
Security Advisory MDKSA-2003:062: CUPS Red Hat Linux Security Advisory RHSA-2003:171-01 (CUPS) |
CAN-2003-0195 | |
| Mandrake Linux 8.2-9.1; Redhat Linux 7.1-9.0 | The GnuPG program incorrectly evaluates trust on keys, causing messages to be accepted when they should not be. |
MandrakeSoft
Security Advisory MDKSA-2003:061: GnuPG Red Hat Linux Security Advisory RHSA-2003:175-01 (GnuPG) |
CAN-2003-0255 | |
| Mandrake Linux 8.2-9.0 | The psbanner program insecurely created temporary files, and when used as a filter with LPRng, can be used to write to any file owned by the user ID that LPRng runs as. |
MandrakeSoft
Security Advisory MDKSA-2003:060: LPRng |
CAN-2003-0136 | |
| Mandrake Linux 8.2-9.1 | The cdrecord program is setuid root and setgid cdwriter, which could allow local users to gain root privileges. |
MandrakeSoft
Security Advisory MDKSA-2003:058: cdrecord |
CAN-2003-0289 | |
| Debian 3.0; Mandrake Linux 8.2-9.0; Redhat Linux 7.1-8.0 | MySQL 3.23.55 and prior allowed users to create world-writable files using the "SELECT * INTO OUTFILE" command. If users chose to wrote to the MySQL configuration file, they could cause MySQL to run as the root user at its next restart and users could then overwrite any file on the system. |
Debian Security
Advisory DSA-303-1 15 May 2003 (mysql) MandrakeSoft Security Advisory MDKSA-2003:057: MySQL Red Hat Linux Security Advisory RHSA-2003:093-01 (MySQL) |
CAN-2003-0073 CAN-2003-0150 | |
| Debian 2.2-3.0 | The gtop remote machine monitoring program contains a buffer overflow which could allow arbitrary code execution by an attacker. |
Debian Security
Advisory DSA-301-1 07 May 2003 (libgtop) |
None | |
| Debian 2.2-3.0 | The Balsa email package, which depends on mutt, inherited mutt's buffer overflow vulnerability. |
Debian Security
Advisory DSA-300-1 06 May 2003 (balsa) |
See also Mutt: CAN-2003-0167 | |
| Debian 2.2-3.0 | The leksbot program /usr/bin/KATAXWR was incorrectly installed setuid root. |
Debian Security
Advisory DSA-299-1 02 May 2003 (leksbot) |
None | |
| Debian 2.2-3.0 | The EPIC4 Internet Relay Chat client contains a message parsing vulnerability that may allow a denial of service or execution of arbitrary code by a remote attacker. |
Debian Security
Advisory DSA-298-1 02 May 2003 (epic4) |
None | |
| Debian 2.2-3.0 | The mime-support program run-mailcap contains a race condition that may allow an attacker to display different content. |
Debian Security
Advisory DSA-292-3 30 April 2003 (mime-support) |
None | |
| Debian 2.2-3.0 | The pptpd Point to Point Tunneling Server contains a buffer overflow vulnerability. |
Debian Security
Advisory DSA-295-1 30 April 2003 (pptpd) |
CAN-2003-0213 | |
| Mandrake Linux 8.2-9.1; Redhat Linux 7.1-9.0 | xinetd contains a denial of service vulnerability due to allocated memory was not freed when a connection was refused, allowing an attacker to cause the xinetd server to crash. |
MandrakeSoft
Security Advisory MDKSA-2003:056: xinetd Red Hat Linux Security Advisory RHSA-2003:160-01 (xinetd) |
CAN-2003-0211 | |
| Mandrake Linux 9.1 | The kopete KDE instant messenger client contains a vulnerability in the GnuPG plugin. |
MandrakeSoft
Security Advisory MDKSA-2003:055: kopete |
CAN-2003-0256 | |
| Mandrake Linux 9.0-9.1; Redhat Linux 8.0-9.0 | The Eye of Gnome (eog) program (used to display graphics) contains a buffer overflow vulnerability that may be exploited via a carefully crafted filename. |
MandrakeSoft
Security Advisory MDKSA-2003:048: eog Red Hat Linux Security Advisory RHSA-2003:128-01 (Eye of GNOME) |
CAN-2003-0165 | |
| RedHat Linux 7.1-9.0 | The tcpdump packet capture and display program contains multiple buffer overflow and denial of service vulnerabilities. |
Red Hat Linux Security Advisory RHSA-2003:174-01 (tcpdump)
Red Hat Linux Security Advisory RHSA-2003:032-01 (tcpdump) |
CAN-2002-1350 CAN-2003-0108 CAN-2003-0145 CAN-2003-0194 | |
| Debian 2.2-3.0 | The gkrellm-newsticker plugin for gkrellm contains a shell escape vulnerability that could allow an attacker to execute arbitrary shell commands. The plugin also contains a denial of service vulnerability. |
Debian Security
Advisory DSA-294-1 23 April 2003 (gkrellm-newsticker) |
CAN-2003-0205 CAN-2003-0206 | |
| Debian 2.2-3.0 | The ircII Internet Relay Chat client contains a message parsing vulnerability that may allow a denial of service or execution of arbitrary code by a remote attacker. |
Debian Security
Advisory DSA-291-1 22 April 2003 (ircii) |
None | |
| Debian 2.2-3.0 | The rinetd IP redirection server contains a memory resizing error that may allow a denial of service or execution of arbitrary code. |
Debian Security
Advisory DSA-289-1 17 April 2003 (rinetd) |
None | |
| Debian 2.2-3.0 | The EPIC IRC client contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-287-1 15 April 2003 (EPIC) |
None | |
| Mandrake Linux 9.1; RedHat Linux 9.0 | The gtkhtml HTML rendering widget used by the Evolution mail reader can be crashed by malformed HTML. |
MandrakeSoft
Security Advisory MDKSA-2003:046: gtkhtml Red Hat Linux Security Advisory RHSA-2003:126-01 (gtkhtml) |
CAN-2003-0133 | |
| Debian 2.2-3.0 | The moxftp GUI FTP client contains contains insufficient bounds checking and could allow executing of arbitrary code by a malicious FTP server. |
Debian Security
Advisory DSA-281-1 8 April 2003 (moxftp) |
None | |
| Caldera OpenLinux 3.1.1; RedHat Linux 7.1-8.0 | The mgetty program contains a possible buffer overflow vulnerability and a world-writable directory permission problem. |
Caldera
Security Advisory CSSA-2003-021.0 (mgetty) Red Hat Linux Security Advisory RHSA-2003:036-01 (mgetty) |
CAN-2002-1391 CAN-2002-1392 | |
| RedHat Linux 9.0 | The vsftpd FTP daemon does not check tcp_wrappers host-based access controls. |
Red Hat Linux Security Advisory RHSA-2003:084-01 (vsftpd) |
CAN-2003-0135 | |
| Debian 3.0; Mandrake Linux 9.0 | The Eterm terminal emulator improperly escape sequences and may allow untrusted input to change parameters or execute arbitrary commands. |
Debian Security
Advisory DSA-309-1 06 June 2003 (eterm) MandrakeSoft Security Advisory MDKSA-2003:040: Eterm |
CAN-2003-0021 CAN-2003-0068 | |
| Debian 2.2-3.0 | The ecartis (nee listar) mail list manager allows remote users to reset the password of any user on the list server. |
Debian Security
Advisory DSA-271-1 27 March 2003 (ecartis, listar) |
CAN-2003-0138 | |
| SGI Irix 6.5-6.5.19 | The Java virtual machine and Secure Socket Extension contain numerous vulnerabilities. |
SGI Advisory 20030303-01-I
|
CAN-2002-0059 | |
| Debian 3.0 | The lxr hypertext cross-referencing tool allows remote attackers to read arbitrary files on the server. |
Debian Security
Advisory DSA-264-1 19 March 2003 (lxr) |
None | |
| Debian 2.2-3.0; NetBSD 1.4-1.6 | The Kerberos IV protocol contains a cryptographic weakness that makes it vulnerable to chosen-plaintext attacks. Cross-realm authentication can not be secured. |
Debian Security
Advisory DSA-273-1 28 March 2003 (krb4)
Debian Security
Advisory DSA-269-2 9 April 2003 (heimdal) NetBSD Security Advisory 2003-006 |
CAN-2003-0138 | |
| Debian 2.2-3.0; RedHat Linux 7.2-9.0 | The mutt mail client contains a buffer overflow vulnerability in its imap code which would allow a malicious IMAP server to execute arbitrary code on the client. |
Debian Security
Advisory DSA-274-2 7 April 2003 (mutt)
Debian Security
Advisory DSA-268-1 25 March 2003 (mutt) Red Hat Linux Security Advisory RHSA-2003:109-03 (balsa mutt) |
CAN-2003-0140 CAN-2003-0167 CAN-2002-1090 | |
| Debian 2.2-3.0; Mandrake Linux 8.2; SGI IRIX 6.5-6.5.19 | The BSD lpr print spooler contains a locally-exploitable buffer overflow vulnerability. |
Debian Security
Advisory DSA-275-1 2 April 2003 (lpr-ppd)
Debian Security
Advisory DSA-267-2 15 April 2003 (lpr) MandrakeSoft Security Advisory MDKSA-2003:059: lpr SGI Advisory 20030406-01-P (lpr) |
CAN-2003-0144 | |
| Debian 2.2-3.0; RedHat Linux | The Kerberos 5 contains buffer overflow vulnerabilities and an XDR decoding vulnerability. |
Debian Security
Advisory DSA-266-1 17 March 2003 (krb5) Red Hat Linux Security Advisory RHSA-2003:091-01 Red Hat Linux Security Advisory RHSA-2003:051-01 |
CAN-2003-0028 CAN-2003-0036 CAN-2003-0058 CAN-2003-0059 CAN-2003-0072 CAN-2003-0082 CAN-2003-0138 CAN-2003-0139 | |
| Debian 2.2-3.0 | The bonsai Mozilla CVS query tool via web interface contains numerous vulnerabilities. |
Debian Security
Advisory DSA-265-1 21 March 2003 (bonsai) |
CAN-2003-0152 CAN-2003-0153 CAN-2003-0154 CAN-2003-0155 | |
| Mandrake Linux 9.0-9.1; RedHat Linux 7.3-8.0 | The Evolution mail user agent contains several vulnerabilities. |
MandrakeSoft
Security Advisory MDKSA-2003:045: evolution Red Hat Linux Security Advisory RHSA-2003:108-01 (Evolution) |
CAN-2003-0128 CAN-2003-0129 CAN-2003-0130 | |
| Caldera OpenLinux 3.1-3.1.1; Debian 3.0; Mandrake Linux 9.0; RedHat Linux 7.1-8.0 | The ptrace system call may be used to gain elevated privileges. |
Caldera
Security Advisory CSSA-2003-020.0 (kernel) Debian Security Advisory DSA-276-1 3 April 2003 (kernel-patch-2.4.17-s390, kernel-image-2.4.17-s390) Debian Security Advisory DSA-270-1 27 March 2003 (kernel-patch-2.3.17-mips, kernel-patch-2.3.19-mips) MandrakeSoft Security Advisory MDKSA-2003:038: kernel Red Hat Linux Security Advisory RHSA-2003:145-01 (2.4 kernel) Red Hat Linux Security Advisory RHSA-2003:098-00 (2.4 kernel) |
CAN-2003-0127 CAN-2003-0244 | |
| Debian 2.2-3.0; Mandrake Linux 8.2-9.1; RedHat Linux 7.0-8.0 | The netpbm graphics utilities contain math overflow errors. These utilities are often used by privileged users to process data, and if malicious data is processed may allow execution of arbitrary code. |
MandrakeSoft
Security Advisory MDKSA-2003:036: netpbm Debian Security Advisory DSA-263-1 17 March 2003 (netpbm-free) Red Hat Linux Security Advisory RHSA-2003:060-01 (NetPBM) |
CAN-2003-0146 | |
| Mandrake Linux 8.2-9.1; RedHat Linux 6.2-8.0 | The rxvt program improperly handles escape sequences and may allow arbitrary commands to be executed in terminal sessions. |
MandrakeSoft
Security Advisory MDKSA-2003:034: rxvt Red Hat Linux Security Advisory RHSA-2003:054-00 (rxvt) |
CAN-2003-0022 CAN-2003-0023 CAN-2003-0066 | |
| RedHat Linux 8.0 | The Gnome-lokkit firewall administration utility does not manage the FORWARD chain, allowing packets to pass unfiltered if packet forwarding is enabled. |
Red Hat Linux Security Advisory RHSA-2003:072-00 (Gnome-lokkit) |
CAN-2003-0080 | |
| Mandrake Linux 8.1-9.0 | The /usr/bin/shutdown command in the usermode package can be used by local users to kill all processes and obtain a root shell. |
MandrakeSoft
Security Advisory MDKSA-2003:031: usermode |
None | |
| Caldera OpenLinux Server 3.1-3.1.1, OpenLinux Workstation 3.1-3.1.1; Mandrake Linux 7.1-8.1; NetBSD 1.5-1.6; | The zlib library contains a memory management bug that may allow untrusted input to cause a denial of service or execute arbitrary code. |
Caldera
Security Advisory CSSA-2003-011.0 (zlib) MandrakeSoft Security Advisory MDKSA-2003:033: zlib NetBSD Security Advisory 2003-004 SGI Advisory 20030302-01-I |
None | |
| Mandrake Linux 9.1; Debian 2.2-3.0; Redhat Linux 7.2-9.0 | The ethereal network traffic analyzer program contains a format string vulnerability that may allow remote attackers to execute arbitrary code. Integer overflows were found in the Mount and PPP dissectors. Buffer overflows were found in the AIM, GIOP Gryphon, OSPF, PPTP, Quake, Quake2, Quake3, Rsync, SOCKS, SMB, SMPP, and TSP dissectors. |
Debian Security
Advisory DSA-324-1 18 June 2003 (ethereal)
Debian Security
Advisory DSA-258-1 10 March 2003 (ethereal) MandrakeSoft Security Advisory MDKSA-2003:070: ethereal MandrakeSoft Security Advisory MDKSA-2003:067: ethereal MandrakeSoft Security Advisory MDKSA-2003:051: ethereal Red Hat Linux Security Advisory RHSA-2003:203-01 (ethereal) Red Hat Linux Security Advisory RHSA-2003:076-01 (ethereal) |
CAN-2003-0081 CAN-2003-0159 CAN-2003-0356 CAN-2003-0357 CAN-2003-0428 CAN-2003-0429 CAN-2003-0430 CAN-2003-0431 CAN-2003-0432 | |
| Caldera OpenLinux 3.1-3.1.1; Debian 2.2-3.0; Mandrake Linux 8.2-9.0; NetBSD 1.5-1.6; RedHat Linux 6.2-8.0 | The file identification program contains a memory allocation and stack corruption problem that may be abused by local users to gain unauthorized privileges when the file command is executed by a privileged user or script on a malicious file. |
Caldera
Security Advisory CSSA-2003-018.0 (file) Debian Security Advisory DSA-260-1 13 March 2003 (file) MandrakeSoft Security Advisory MDKSA-2003:030: file NetBSD Security Advisory 2003-003 Red Hat Linux Security Advisory RHSA-2003:086-07 |
CAN-2003-0102 | |
| Debian 3.0; Mandrake Linux 8.2-9.1 | The snort intrusion detection system contains a buffer overflow vulnerability in its RPC message normalization function and in the TCP stream reassembly procedure. |
Debian Security
Advisory DSA-297-1 1 May 2003 (snort) MandrakeSoft Security Advisory MDKSA-2003:052: snort MandrakeSoft Security Advisory MDKSA-2003:029: snort |
CAN-2003-0209 | |
| SGI Irix | The /sbin/ps program contains a buffer overflow vulnerability that may allow increase privileges. |
SGI Advisory 20030202-01-I
|
CAN-199900301 | |
| RedHat Linux 8.0 | The vte terminal emulator widget used by gnome-terminal allows escape sequences in terminal output to set or get the title of the window. However, malicious sequences can grab the window title and put it into the shell command line. |
Red Hat Linux Security Advisory RHSA-2003:053-10 (vte) |
CAN-2003-0070 | |
| FreeBSD 4.5-4.7, 5.0 | TCP SYN cookies (initial sequence numbers that are verifiable cryptographically to prevent SYN flood attacks and sequence number guessing) are generated using keys that are too short. This makes brute-force attacks feasible. |
FreeBSD SA 03:03 (syncookies) |
None | |
| Caldera OpenLinux Server 3.1-3.1.1, OpenLinux Workstation 3.1-3.1.1; Debian 3.0; Mandrake Linux 8.2-9.0 | The apcupsd server contains numerous buffer overflow vulnerabilities. |
Caldera
Security Advisory CSSA-2003-015.0 (apcupsd) Debian Security Advisory DSA-277-1 3 April 2003 (apcupsd) MandrakeSoft Security Advisory MDKSA-2003:018: apcupsd |
None | |
| SGI IRIX | Multiple vulnerabilities exist in the IRIX TCP/IP networking kernel. |
SGI Advisory
20030201-01-P |
CAN-1999-0077 CAN-2001-0328 | |
| Debian 2.2-3.0 | NANOG's traceroute contains a buffer overflow that may be exploited by a remote attacker. Traceroute also failed to drop root privileges. |
Debian Security
Advisory DSA-330-1 24 June 2003 (traceroute)
Debian Security
Advisory DSA-254-1 27 February 2003 (traceroute) |
CAN-2002-1364 | |
| Mandrake Linux 8.2-9.0 | The mcookie tool in the util-linux package generates predictable cookies. |
MandrakeSoft
Security Advisory MDKSA-2003:016: util-linux |
None | |
| Many | tcpdump is vulnerable to a denial of service when processing a specially-crafted RPC or RADIUS packet. |
Debian Security
Advisory DSA-261-1 14 March 2003 (tcpdump)
Debian Security
Advisory DSA-255-1 27 February 2003 (tcpdump) MandrakeSoft Security Advisory MDKSA-2003:027: tcpdump |
CAN-2002-1219 CAN-2002-1220 CAN-2002-1221 | |
| Many | Sendmail prior to version 8.12.9 contain two buffer overflow vulnerabilities that may be exploited by specially-crafted email messages. |
Caldera
Security Advisory CSSA-2003-016.0 (sendmail)
Caldera
Security Advisory CSSA-2003-010.0 (sendmail) Debian Security Advisory DSA-290-1 17 April 2003 (sendmail) Debian Security Advisory DSA-278-2 4 April 2003 (sendmail) Debian Security Advisory DSA-257-1 4 March 2003 (sendmail) FreeBSD SA 03:07 (sendmail) FreeBSD SA 03:04 (sendmail) MandrakeSoft Security Advisory MDKSA-2003:028: sendmail NetBSD Security Advisory 2003-009 NetBSD Security Advisory 2003-002 SGI Advisory 20030401-01-P SGI Advisory 20030301-01-P Red Hat Linux Security Advisory RHSA-2003:120-01 (sendmail) Red Hat Linux Security Advisory RHSA-2003:073-06 (sendmail) |
CAN-2002-1219 CAN-2002-1220 CAN-2002-1221 | |
| Mandrake Linux 7.2-9.0 | The useradd tool in the shadow-utils package creates mailboxes with insecure permissions. |
MandrakeSoft
Security Advisory MDKSA-2003:026: shadow-utils |
CAN-2002-1509 | |
| Debian 2.2-3.0; FreeBSD 4.0-4.7, 5.0; Mandrake Linux 7.2-9.1; NetBSD 1.5-1.6; RedHat Linux 6.2-8.0 | OpenSSL is vulnerable to a timing-based attack. |
Caldera
Security Advisory CSSA-2003-014.0 (openssl) Debian Security Advisory DSA-288-1 17 April 2003 (openssl) Debian Security Advisory DSA-253-1 24 February 2003 (openssl) FreeBSD SA 03:06 (openssl) FreeBSD SA 03:02 (openssl) MandrakeSoft Security Advisory MDKSA-2003:035: openssl MandrakeSoft Security Advisory MDKSA-2003:020: openssl NetBSD Security Advisory 2003-007 NetBSD Security Advisory 2003-005 NetBSD Security Advisory 2003-001 Red Hat Linux Security Advisory RHSA-2003:101-01 (OpenSSL) Red Hat Linux Security Advisory RHSA-2003:062-11 (OpenSSL) |
CAN-2003-0078 | |
| Mandrake Linux 7.2-9.0; Redhat Linux 7.0-8.0 | VNC contains a challenge replay vulnerability and a weak cookie vulnerability. |
MandrakeSoft
Security Advisory MDKSA-2003:022: vnc Red Hat Linux Security Advisory RHSA-2003:041-12 (VNC) |
CAN-2002-1336 CAN-2002-1511 | |
| Mandrake Linux 8.1-9.0; Redhat Linux 7.1-8.0 | The pam_xauth X authorization forwarding module forwards authorizations from root to unprivileged users, which could allow unprivileged users to gain access to administrator X sessions. |
MandrakeSoft
Security Advisory MDKSA-2003:017: pam Red Hat Linux Security Advisory RHSA-2003:035-10 (pam_xauth) |
CAN-2002-1160 | |
| Debian 2.2-3.0; RedHat Linux 7.0-.0 | The w3m browser does not properly escape HTML tags in frames and image attributes, allows malicious servers to read arbitrary cookies. |
Debian Security
Advisory DSA-251-1 14 February 2003 (w3m, s3m-ssl)
Debian Security
Advisory DSA-250-1 13 February 2003 (w3mmee-ssl)
Debian Security
Advisory DSA-249-1 11 February 2003 (w3mmee) Red Hat Linux Security Advisory RHSA-2003:044-20 (w3m) |
CAN-2002-1335 CAN-2002-1348 | |
| Redhat Linux 8.0 | The kernel-utils package contains a user-mode linux (UML) uml_net utility that is incorrectly setuid-root and allows local users to modify network configuration. |
Red Hat Linux Security Advisory RHSA-2003:056-08 (kernel-utils) |
CAN-2003-0019 | |
| Mandrake Linux 9.0; Redhat Linux 8.0-9.0 | The PHP dynamic web server module contains a buffer overflow vulnerability in its wordwrap() function. Remote attackers may be able to execute arbitrary code on the server or cause a denial of service if user input is passed to the wordwrap() function. An additional problem has been found that allows cross-site scripting. |
MandrakeSoft
Security Advisory MDKSA-2003:019: php Red Hat Linux Security Advisory RHSA-2003:204-01 (PHP) Red Hat Linux Security Advisory RHSA-2003:017-06 (PHP) |
CAN-2003-0442 CAN-2002-1396 | |
| Mandrake Linux 7.2-9.0 | The mysql server contains a double-free vulnerability that allows authenticated database users to cause a denial of service. |
MandrakeSoft
Security Advisory MDKSA-2003:013: mysql |
None | |
| Debian 2.2-3.0 | The hypermail email archive translator to HTML program contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-248-1 31 January 2003 (hypermail) |
CAN-2003-0057/A> | |
| Debian 2.2-3.0 | The noffle news reader contains a vulnerability that allows a denial of service. |
Debian Security
Advisory DSA-244-1 27 January 2003 (noffle) |
CAN-2003-0037/A> | |
| Mandrake Linux 8.0-9.0 | The tools installed by the printer-drivers package contain multiple buffer overflow and race condition vulnerabilities that allow local users to gain increased privileges. |
MandrakeSoft
Security Advisory MDKSA-2003:010: printer-drivers |
None | |
| Mandrake Linux 8.1-9.0; Redhat Linux 6.2-8.0 | The Kerberos 5 ftp client will execute arbitrary commands if a file name beginning with a pipe symbol (|) is retrieved. |
MandrakeSoft
Security Advisory MDKSA-2003:021: krb5 Red Hat Linux Security Advisory RHSA-2003:020-10 |
CAN-2003-0041 | |
| Debian 3.0 | The Tomcat Java Servlet Engine allows access to unprocessed source code or unauthorized access to static resources. |
Debian Security
Advisory DSA-246-1 29 January 2003 (tomcat) |
CAN-2003-0042 CAN-2003-0043 CAN-2003-0044 | |
| Caldera Linux 3.1-3.1.1; FreeBSD 4.0-4.7, 5.0; Debian 2.2-3.0; Mandrake Linux 7.2-9.0; Redhat Linux 6.2-8.0 | The cvs server contains a double-free bug which may allow users to execute arbitrary code. |
Caldera
Security Advisory CSSA-2003-006.0 (cvs) Debian Security Advisory DSA-233-1 21 January 2003 (cvs) FreeBSD SA 03:01 (cvs) MandrakeSoft Security Advisory MDKSA-2003:009: cvs Red Hat Linux Security Advisory RHSA-2003:012-07 |
CAN-2003-0015 | |
| FreeBSD 4.3-4.7 | A local attacker could abuse an error in the fpathconf system call to cause a system crash. |
FreeBSD SA 02:44 (fpathconf)
|
None | |
| Mandrake Linux 8.0-9.0; Redhat Linux 6.2-8.0 | The OpenLDAP server contains numerous remotely-exploitable buffer overflow vulnerabilities. |
MandrakeSoft
Security Advisory MDKSA-2003:006: openldap Red Hat Linux Security Advisory RHSA-2003:040-07 (openldap) |
CAN-2002-1378 CAN-2002-1379 | |
| Mandrake Linux 8.2-9.0 | The leafnode news server can be given an article which causes it to enter an infinite loop. |
MandrakeSoft
Security Advisory MDKSA-2003:005: leafnode |
None | |
| Debian 3.0; Mandrake Linux 8.1-9.0; Redhat Linux 7.1-9.0 | The KDE window manager system improperly quotes parameters to shell commands. This allows attackers to execute arbitrary commands when victims view email, URLs, or other information in the KDE environment. |
Debian Security
Advisory DSA-243-1 24 January 2003 (kdemultimedia)
Debian Security
Advisory DSA-242-1 24 January 2003 (kdebase)
Debian Security
Advisory DSA-241-1 24 January 2003 (kdeutils)
Debian Security
Advisory DSA-240-1 23 January 2003 (kdegames)
Debian Security
Advisory DSA-239-1 23 January 2003 (kdesdk)
Debian Security
Advisory DSA-238-1 23 January 2003 (kdepim)
Debian Security
Advisory DSA-237-1 22 January 2003 (kdenetwork)
Debian Security
Advisory DSA-235-1 22 January 2003 (kdegraphics)
Debian Security
Advisory DSA-234-1 22 January 2003 (kdeadmin) MandrakeSoft Security Advisory MDKSA-2003:004: KDE Red Hat Linux Security Advisory RHSA-2003:002-01 |
CAN-2002-1393 | |
| Debian 2.2-3.0 | The IMP web-based IMAP mail program contains an SQL injection vulnerability that may allow remote attackers to execute arbitrary SQL code on the underlying database. |
Debian Security
Advisory DSA-229-2 15 January 2003 (imp) |
CAN-2003-0025/A> | |
| Debian 2.2-3.0 | The geneweb genealogical server contains a vulnerability that allows remote users to read arbitrary files on the server. |
Debian Security
Advisory DSA-223-1 7 January 2003 (geneweb) |
CAN-2002-1390 | |
| Debian 2.2-3.0 | The libmcrypt library contains multiple buffer overflow vulnerabilities and a memory buffer leak that may allow execution of arbitrary code and denials of service in applications that use the library. |
Debian Security
Advisory DSA-228-1 14 January 2003 (libmcrypt) |
CAN-2003-0031/A>
Debian Security
Advisory DSA-221-1 3 January 2003 (mhonarc) |
CAN-2002-1388 |
| Debian 2.2-3.0; Mandrake Linux 7.2-9.1; RedHat Linux 6.2-9.0 | The xpdf program contains an integer overflow vulnerability that may be used to gain privileges if the pdftops program is used in a print filter. Another vulnerability has been found that allows a malicious document to execute arbitrary commands. |
Debian Security
Advisory DSA-222-1 6 January 2003 (xpdf) Debian Security Advisory DSA-226-1 6 January 2003 (xpdf-i) MandrakeSoft Security Advisory MDKSA-2003:071: xpdf MandrakeSoft Security Advisory MDKSA-2003:002: xpdf Red Hat Linux Security Advisory RHSA-2003:196-01 (Xpdf) Red Hat Linux Security Advisory RHSA-2003:037-09 (Xpdf) |
CAN-2003-0434 CAN-2002-1384 | |
| Debian 2.2-3.0 | The Cyrus IMAPD server contains a remote buffer overflow vulnerability. |
Debian Security
Advisory DSA-215-1 23 December 2002 (cyrus-imapd) |
None | |
| Debian 2.2-3.0 | The typespeed game contains a buffer overflow that allows execution of arbitrary commands with the permission of the group 'games'. |
Debian Security
Advisory DSA-217-1 27 December 2002 (typespeed) |
None | |
| Debian 2.2, 3.0; Mandrake Linux 7.2-9.0; Redhat Linux 8.0 | The DHCP server contains multiple buffer overflow vulnerabilities. The minires library in ISC dhcp also contains buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-245-1 28 January 2003 (dhcp3)
Debian Security
Advisory DSA-216-1 31 December 2002 (dhcpcd)
Debian Security
Advisory DSA-231-1 17 January 2003 (dhcp3) MandrakeSoft Security Advisory MDKSA-2003:003: dhcpcd MandrakeSoft Security Advisory MDKSA-2003:007: dhcp Red Hat Linux Security Advisory RHSA-2003:034-01 Red Hat Linux Security Advisory RHSA-2003:011-07 |
CAN-2003-0026 CAN-2003-0039 | |
| Mandrake Linux 7.2-9.0; Redhat Linux 6.2-8.0 | The vim editor automatically executes unsafe code when editing files containing certain strings. |
MandrakeSoft
Security Advisory MDKSA-2003:012: vim Red Hat Linux Security Advisory RHSA-2002:297-17 |
CAN-2002-1377 | |
| SCO/Caldera OpenLinux Server & Workstation 3.1-3.1.1; Debian Linux 3.0; Mandrake Linux 7.2-9.0; Redhat Linux 7.3-8.0 | The CUPS printing system contains a number of remotely exploitable vulnerabilities that allow execution of arbitrary code as user lp or root. |
Caldera
Security Advisory CSSA-2003-004.0 (cups) Debian Security Advisory DSA-232-2 20 February 2003 (cupsys) MandrakeSoft Security Advisory MDKSA-2003:001: cups Red Hat Linux Security Advisory RHSA-2002:295-07 |
CAN-2002-1366 CAN-2002-1367 CAN-2002-1368 CAN-2002-1369 CAN-2002-1371 CAN-2002-1372 CAN-2002-1383 | |
| Redhat Linux 7.2-8.0 | Ethereal's BGP, LMP, PPP, and TDS packet dissectors contain buffer overflow and/or denial of service vulnerabilities in versions prior to 0.9.8. |
Red Hat Linux Security Advisory RHSA-2002:290-07 |
CAN-2002-1355 CAN-2002-1356 | |
| Debian 2.2-3.0; Mandrake Linux 7.2-9.0; Redhat Linux 7.0-8.0 | MySQL 3.x-3.23.53a and 4.x-4.0.5a contains multiple vulnerabilities. |
Debian Security
Advisory DSA-212-1 17 December 2002 (mysql) MandrakeSoft Security Advisory MDKSA-2002:087: MySQL Red Hat Linux Security Advisory RHSA-2002:288-22 |
CAN-2002-1373 CAN-2002-1374 CAN-2002-1375 CAN-2002-1376 | |
| Redhat Linux 8.0 | Cyrus SASL versions 2.1-2.1.9 contain buffer overflow vulnerabilities. |
Red Hat Linux Security Advisory RHSA-2002:283-09 |
CAN-2002-1347 | |
| Redhat Linux 8.0 | The Net-SNMP package contains a denial of service vulnerability. |
Red Hat Linux Security Advisory RHSA-2002:228-11 |
CAN-2002-1170 | |
| Debian 3.0; SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1; Mandrake Linux 7.2-9.0 | The webmin system contains cross-site scripting and session ID vulnerabilities. |
Debian Security
Advisory DSA-319-1 12 June 2003 (webmin) Caldera Security Advisory CSSA-2003-002.0 (webmin) MandrakeSoft Security Advisory MDKSA-2003:025: webmin |
CAN-2003-0101 CAN-2002-0756 CAN-2002-0757 | |
| SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1; Debian 2.2-3.0; Mandrake Linux 7.2-9.0; RedHat Linux 6.2-8.0 | The fetchmail program prior to version 6.2.0 contains a buffer overflow that may be manipulated by sending a mail message with a large number of local addresses. |
Caldera
Security Advisory CSSA-2003-001.0 (fetchmail) Debian Security Advisory DSA-216-1 24 December 2002 (fetchmail) MandrakeSoft Security Advisory MDKSA-2003:011: fetchmail Red Hat Linux Security Advisory RHSA-2002:293-09 |
CAN-2002-1365 | |
| SGI IRIX | The FTP client improperly handles filenames from malicious servers and may allow such servers to create or overwrite arbitrary files. |
SGI Advisory
20021205-01-A |
CAN-2002-1345 | |
| Debian 2.2-3.0; Redhat Linux 7.2-7.3 | The mICQ client contains a denial of service vulnerability. |
Debian Security
Advisory DSA-211-1 13 December 2002 (micq) Red Hat Linux Security Advisory RHSA-2003:118-01 (mICQ) |
None | |
| Debian 2.2-3.0 | The perl module Safe.pm namespace safety module may be compromised if executed more than once in a program. |
Debian Security
Advisory DSA-208-1 12 December 2002 (perl, perl-5.004, perl-5.005) |
CAN-2002-1323 | |
| Debian 3.0 | The gtetrinet multiplayer tetris-like game contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-205-1 10 December 2002 (gtetrinet) |
None | |
| SCO/Caldera OpenLinux Workstation & Server 3.1.1; Debian 2.2-3.0; Redhat Linux 7.1-8.0 | The Canna server for Japanese character input contains a buffer overflow vulnerability that allows local users to gain the privilege of the user "bin" and may in turn gain additional privileges. |
Caldera
Security Advisory CSSA-2003-005.0 (canna) Debian Security Advisory DSA-224-1 8 January 2003 (canna) Red Hat Linux Security Advisory RHSA-2002:246-18 |
CAN-2002-1158 CAN-2002-1159 | |
| Debian 2.2-3.0; Mandrake Linux 7.2-9.0; Redhat Linux 6.2-8.0 | The wget FTP and HTTP client program contains a bug that allows malicious FTP servers to send filenames that create or overwrite arbitrary files on the local filesystem. |
Caldera
Security Advisory CSSA-2003-003.0 (wget) Debian Security Advisory DSA-209-1 12 December 2002 (wget) MandrakeSoft Security Advisory MDKSA-2002:086: wget Red Hat Linux Security Advisory RHSA-2002:229-10 |
CAN-2002-1344 | |
| Debian 2.2-3.0 | smb2www Windows Network client accessible via HTTP contains a vulnerability that allows remote attackers to execute arbitrary programs with the privilege of the user running the web server. |
Debian Security
Advisory DSA-203-1 4 December 2002 (smb2www) |
None | |
| Debian 3.0 | Free/SWan (an IPsec implementation) does not properly handle short packets and can result in a denial of service. |
Debian Security
Advisory DSA-201-1 2 December 2002 (freeswan) |
None | |
| Mandrake Linux 7.2-9.0; RedHat Linux 6.2-8.0 | The Pine mail user application contains a remotely-exploitable vulnerability in the parsing of email addresses. |
MandrakeSoft
Security Advisory MDKSA-2002:084: pine Red Hat Linux Security Advisory RHSA-2002:270-16 |
CAN-2002-1320 | |
| Caldera OpenLinux 3.1-3.1.1; Debian 2.2-3.0; Mandrake Linux 8.0-9.0; Redhat Linux 7.2-8.0; SGI IRIX | The Samba file server version 2.2.2 through 2.2.8 contain remotely-exploitable vulnerabilities. |
Caldera
Security Advisory CSSA-2003-017.0 (samba) Debian Security Advisory DSA-280-1 7 April 2003 (samba) Debian Security Advisory DSA-262-1 15 March 2003 (samba) MandrakeSoft Security Advisory MDKSA-2003:044: samba MandrakeSoft Security Advisory MDKSA-2003:032: samba MandrakeSoft Security Advisory MDKSA-2002:081: samba Red Hat Linux Security Advisory RHSA-2003:137-02 Red Hat Linux Security Advisory RHSA-2003:095-03 Red Hat Linux Security Advisory RHSA-2002:266-05 SGI Advisory 20030403-01-P SGI Advisory 20021204-01-I |
CAN-2003-0085 CAN-2003-0086 | |
| Mandrake Linux 9.0; Redhat Linux 7.2-8.0 | The KDE LAN browsing service contains a buffer overflow vulnerability that may be used to obtain root privileges or access to a user's account. |
Debian Security
Advisory DSA-214-1 20 December 2002 (kdenetwork) MandrakeSoft Security Advisory MDKSA-2002:080: kdenetwork Red Hat Linux Security Advisory RHSA-2002:220-40 (Numerous KDE issues) |
CAN-2002-1306 | |
| Caldera OpenLinux 3.1-3.1.1; Debian 3.0; Mandrake Linux 9.0 | The KIO subsystem support for rlogin allows maliciously-crafted URLs to execute arbitrary commands when followed by a victim. |
Caldera
Security Advisory CSSA-2003-012.0 (kio) Debian Security Advisory DSA-204-1 5 December 2002 (kdelibs) MandrakeSoft Security Advisory MDKSA-2002:079: kdelibs |
CAN-2002-1281 CAN-2002-1282 | |
| Debian 2.2-3.0; SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1; Mandrake Linux 7.2-9.0; RedHat Linux 6.2-8.0 | The lynx web browser accepts URLs with special characters that can result in passing forged headers in the HTTP query. |
Debian Security
Advisory DSA-210-1 13 December 2002 (lynx) MandrakeSoft Security Advisory MDKSA-2003:023: lynx Caldera Security Advisory CSSA-2002-049.0 (lynx) Red Hat Linux Security Advisory RHSA-2003:029-06 (lynx) |
None | |
| SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1 | The wwwoffled server allows remote users to cause a denial of service or execute arbitrary code via overflow Content-Length values. |
Caldera
Security Advisory CSSA-2002-048.0 (wwwoffled) |
None | |
| Debian 3.0 | The mhonarc mail to HTML convertor contains a cross-site scripting vulnerability. |
Debian Security
Advisory DSA-199-1 19 November 2002 (mhonarc) |
CAN-2002-1307 | |
| Debian 3.0 | The nullmailer relay-only mail transport agent is vulnerable to a simple denial of service attack. files. |
Debian Security
Advisory DSA-198-1 18 November 2002 (nullmailer) |
None | |
| Debian 3.0 | The Courier sqwebmail CGI program used to access local mailboxes contains a permission race that allows local users to read arbitrary files. |
Debian Security
Advisory DSA-197-1 15 November 2002 (courier) |
None | |
| SCO/Caldera OpenLinux Server 3.1-3.1.1 | The Preboot eXecution Environment server is vulnerable to denial of service attacks by receiving an invalid DHCP packet. |
Caldera
Security Advisory CSSA-2002-044.0 (pxe) |
||
| Many | BIND (Berkeley Internet Name Daemon) versions 8.2-8.2.6, 8.3.0-8.3.3 and 4.9.2-4.9.10 contain buffer overflow vulnerabilities that allow remote users to execute arbitrary code. BIND is also vulnerable to DNS spoofing attacks. |
CERT Advisory 2002-31 Debian Security Advisory DSA-196-1 14 November 2002 (bind) FreeBSD SA 02:43 (bind) MandrakeSoft Security Advisory MDKSA-2002:077: bind SGI Advisory 20021203-01-A SGI Advisory 20021201-01-P Caldera Security Advisory CSSA-2002-059.0 (BIND) |
CAN-2002-1219 CAN-2002-1220 CAN-2002-1221 | |
| Debian 3.0 | The masqmail mail transport agent contains multiple buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-194-1 12 November 2002 (masqmail) |
CAN-2002-1279 | |
| Debian 3.0 | The klisa package contains a buffer overflow vulnerability that may be exploited by a local attacker. |
Debian Security
Advisory DSA-193-1 11 November 2002 (kdenetwork) |
None | |
| Debian 2.2-3.0 | The html2ps program opens files based on unsanitized input and the problem may be exploited when html2ps is used as a filter by lprng and the attacker has previously gained access to the lp account. |
Debian Security
Advisory DSA-192-2 6 December 2002 (html2ps) |
None | |
| SGI IRIX 6.5-6.5.17 | RPC services do not implement an adequate time-out when reading from TCP connections. As a result, a remote attacker may be able to cause a denial of service attack on RPC daemons. |
SGI Advisory
20021103-01-P |
CAN-2002-1265 | |
| NetBSD 1.5-1.6 | The IPFilter FTP proxy module does not properly maintain the state of FTP commands and responses and could allow a remote attacker to access arbitrary TCP connections to FTP servers or clients behind the firewall. | NetBSD Security Advisory 2002-024 | None | |
| Mandrake Linux 7.2-9.0 | The Perl MailTools module may allow remote users to execute arbitrary commands with root privilege due to the Mailer object's use of the mailx command. |
MandrakeSoft
Security Advisory MDKSA-2002:076: perl-MailTools |
None | |
| Debian 3.0; Mandrake Linux 7.2-9.0; RedHat Linux 6.2-8.0 | The WindowMaker window manager contains a buffer overflow vulnerability in its handling of image files. |
Debian Security
Advisory DSA-190-1 7 November 2002 (wmaker) MandrakeSoft Security Advisory MDKSA-2002:085: WindowMaker Red Hat Linux Security Advisory RHSA-2003:043-12 (WindowMaker) |
CAN-2002-1277 | |
| Debian 3.0 | The luxman game allows local users to gain read/write access to system memory, allowing a variety of local exploits. |
Debian Security
Advisory DSA-189-1 6 November 2002 (luxman) |
CAN-2002-1245 | |
| SGI IRIX 6.5-6.5.17 | Vulnerability in rpc.ttdbserverd daemon (ToolTalk RPC Service) |
SGI Advisory
20021102-01-P
SGI Advisory
20021102-02-P
SGI Advisory
20021101-01-P |
CAN-2002-0677 CAN-2002-0678 | |
| Debian 2.2-3.0; SGI IRIX 6.5-6.5.18; SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1; Redhat Linux 6.2-8.0 | The Apache HTTP server and associated utilities contain several remotely- and locally-exploitable vulnerabilities that could allow denial of service attacks, cross site scripting attacks, buffer overflows, race conditions, and overwriting arbitrary files. Apache 1.3.26 contains fixes for the known problems. |
Debian Security
Advisory DSA-195-1 13 November 2002 (apache-perl)
Debian Security
Advisory DSA-188-1 4 November 2002 (apache)
Debian Security
Advisory DSA-187-1 4 November 2002 (apache) SGI Advisory 20021105-01-I Red Hat Linux Security Advisory RHSA-2002:222-21 Caldera Security Advisory CSSA-2002-056.0 (apache) |
CAN-2002-0839 CAN-2002-0840 CAN-2002-0843 CAN-2002-1233 CAN-200-0131 | |
| Debian 3.0 | The log2mail log watching daemon contains a buffer overflow vulnerability that could allow execution of arbitrary code with root privilege. |
Debian Security
Advisory DSA-186-1 1 November 2002 (log2mail) |
None | |
| Mandrake Linux 7.2-9.0; Redhat Linux 6.2-9.0; SCO/Caldera OpenLinux Server & Workstation 3.1-3.1.1 | The ypserv NIS authentication server contains a remotely-exploitable memory leak that can result in a denial of service. |
MandrakeSoft
Security Advisory MDKSA-2003:072: ypserv
MandrakeSoft
Security Advisory MDKSA-2002:078: ypserv Red Hat Linux Security Advisory RHSA-2003:173-01 (ypserv) Red Hat Linux Security Advisory RHSA-2002:223-07 SCO Security Advisory CSSA-2002-054.0 (ypserv) |
CVE-2002-1232 | |
| SCO/Caldera OpenLinux Server 3.1-3.1.1 | The inn program contains format string vulnerabilities and insecure open() calls. |
Caldera
Security Advisory CSSA-2002-038.0 (inn) |
CAN-2002-0525 CAN-2002-0526 | |
| NetBSD 1.5-1.6beta | The IPsec ESP authentication code in the kernel incorrectly processes a length parameter and allows a remote attacker to cause a denial of service. | NetBSD Security Advisory 2002-016 | None | |
| Debian 3.0; Mandrake Linux 9.0-9.1; Redhat Linux 6.2-9.0 | Audit of the Linux kernel code discovered several vulnerabilities,
including in the ixj telephony card driver, the pcilynx firewire
driver, and the bttv video capture card driver, that allow
local users to obtain root privilege. Most recently, information leaks from ethernet drivers and the O_DIRECT file flag have been fixed. The route cache implementation contains a denial of service vulnerability. Privileges are not correctly restricted for the ioperm system. The TTY layer of the kernel can be abused to cause a denial of service. The mxcsr code in the kernel allows attackers to modify the CPU state registers. |
Debian Security
Advisory DSA-336-2 30 June 2003 (kernel-source-2.2.20, kernel-image-2.2.20-i386)
Debian Security
Advisory DSA-332-1 28 June 2003 (kernel-source-2.4.17, kernel-patch-2.4.17-mips)
Debian Security
Advisory DSA-312-1 9 June 2003 (kernel-patch-2.4.18-powerpc)
Debian Security
Advisory DSA-311-1 9 June 2003 (kernel) MandrakeSoft Security Advisory MDKSA-2003:066: kernel MandrakeSoft Security Advisory MDKSA-2003:039: kernel MandrakeSoft Security Advisory MDKSA-2003:014: kernel Red Hat Linux Security Advisory RHSA-2003:187-01 (kernel) Red Hat Linux Security Advisory RHSA-2003:172-00 (kernel) Red Hat Linux Security Advisory RHSA-2003:025-20 Red Hat Linux Security Advisory RHSA-2002:264-05 Red Hat Linux Security Advisory RHSA-2002:262-07 Red Hat Linux Security Advisory RHSA-2002:210-06 Red Hat Linux Security Advisory RHSA-2002:205-15 Red Hat Linux Security Advisory RHSA-2002:206-12 Red Hat Linux Security Advisory RHSA-2003:088-01 (2.2 kernel) |
CAN-2003-0001 CAN-2003-0018 CAN-2003-0247 CAN-2003-0248 CAN-2003-0364 | |
| Debian 2.2-3.0; FreeBSD 4.0-4.7; Mandrake Linux 8.1-9.0; NetBSD 1.5-1.6 | The kadmind server contains remotely-exploitable buffer overflow vulnerabilities that allow remote attackers to execute arbitrary code on the Kerberos server. This vulnerability is extremely important due to the sensitive nature of the data on the Kerberos server. Exploits for this vulnerability are being used. |
Debian Security
Advisory DSA-185-1 31 October 2002 (heimdal)
Debian Security
Advisory DSA-184-1 30 October 2002 (krb4)
Debian Security
Advisory DSA-183-1 29 October 2002 (krb5)
Debian Security
Advisory DSA-178-1 17 October 2002 (heimdal) FreeBSD SA 02:40 (kadmind) MandrakeSoft Security Advisory MDKSA-2002:073: krb5 NetBSD Security Advisory 2002-026 Red Hat Linux Security Advisory RHSA-2002:242-06 |
CAN-2002-1235 | |
| Debian 3.0 | The syslog-ng syslog daemon contains a buffer overflow vulnerability caused when a macro is expanded. |
Debian Security
Advisory DSA-175-1 15 October 2002 (syslog-ng) |
None | |
| Debian 2.2-3.0; Mandrake Linux 7.2-9.0; Redhat Linux 6.2-8.0 | The dvips program allows printing subsystem users to execute arbitrary commands with the privilege of the printing system. |
Debian Security
Advisory DSA-207-1 11 December 2002 (tetex-bin) MandrakeSoft Security Advisory MDKSA-2002:070: tetex Red Hat Linux Security Advisory RHSA-2002:194-18 |
CAN-2002-0836 | |
| Debian 3.0 | The heartbeat server for high-availability Linux is vulnerable to a buffer overflow attack that would allow remote attackers to execute arbitrary code with privilege. |
Debian Security
Advisory DSA-174-1 14 October 2002 (heartbeat) |
None | |
| Debian 3.0; Redhat Linux 8.0-9.0 | The squirrelmail PHP webmail package contains cross-site scripting vulnerabilities. |
Debian Security
Advisory DSA-191-2 11 November 2002 (squirrelmail)
Debian Security
Advisory DSA-220-1 02 January 2003 (squirrelmail) Red Hat Linux Security Advisory RHSA-2003:112-01 Red Hat Linux Security Advisory RHSA-2003:042-07 Red Hat Linux Security Advisory RHSA-2002:204-10 |
CAN-2002-1341 CAN-2002-1276 CAN-2002-1131 CAN-2002-1132 CAN-2003-0160 | |
| NetBSD 1.5-1.6 | The games named rogue and trek contains buffer overflows which allow local users to gain group games privileges and may lead to further compromise. | NetBSD Security Advisory 2002-025 NetBSD Security Advisory 2002-021 | None | |
| SGI Irix 6.5-6.5.17 | Multiple vulnerabilities in various programs: rpcbind follows symlinks, which may allow local users to overwrite arbitrary files; Desktop temporary files are world-writable; uux contains a buffer overflow vulnerability; fsr_efs follows symlinks but should not; the mv command creates directories with world-writable permission when a directory is moved. |
SGI Advisory 20020903-02-P
SGI Advisory 20020903-01-P
|
None | |
| Mandrake Linux 8.1-8.2 | Konqueror's cross-site scripting protections fail when used with sub-(i)frames. |
MandrakeSoft
Security Advisory MDKSA-2002:064: kdelibs |
None | |
| Debian 3.0 | The ht://Check program displays unmodified information retrieved from other web servers. A malicious web server could cause a cross-site scripting attack if used by the ht://Check program. Another Debian advisory also has the number DSA-169 |
Debian Security
Advisory DSA-169-1 25 September 2002 (ht://Check) |
None | |
| NetBSD 1.5-1.6 | The pic program contains a vulnerability that may be exploited via the lpr printing subsystem to gain privileges. | NetBSD Security Advisory 2002-022 | None | |
| FreeBSD 4.0-4.7; Mandrake Linux 7.2-9.0; NetBSD 1.5-1.6; SCO/Caldera OpenLinux Workstation & Server 3.1-3.1.1; SGI IRIX 6.5-6.5.18 | The sendmail smrsh shell restrictions may be bypassed by local users. |
FreeBSD SA 02:41 (smrsh)
MandrakeSoft Security Advisory MDKSA-2002:083: sendmail NetBSD Security Advisory 2002-023 Caldera Security Advisory CSSA-2002-052.0 (sendmail) SGI Advisory 20030101-01-P |
CAN-2002-1165 | |
| Mandrake Linux 7.2-9.0; Redhat Linux 6.2-7.3 | The nss_ldap contains a buffer overflow vulnerability exploitable via DNS, a format string bug in a logging function, and improperly handles truncated DNS responses. |
MandrakeSoft
Security Advisory MDKSA-2002:075: nss_ldap Red Hat Linux Security Advisory RHSA-2002:175-16 |
CAN-2002-0825 CAN-2002-0374 | |
| Debian 2.2-3.0; Mandrake Linux 8.0-9.0; Redhat Powertools 7.0-7.1; Redhat Linux 6.2-8.0 | The kghostview, ggv, and gv Postscript display programs contain buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-296 30 April 2003 (kdebase)
Debian Security
Advisory DSA-293 23 April 2003 (kdelibs)
Debian Security
Advisory DSA-284 12 April 2003 (kdegraphics)
Debian Security
Advisory DSA-182-1 28 October 2002 (kdegraphics)
Debian Security
Advisory DSA-179-1 18 October 2002 (gnome-gv)
Debian Security
Advisory DSA-176-1 16 October 2002 (gv) MandrakeSoft Security Advisory MDKSA-2003:049: kde3 MandrakeSoft Security Advisory MDKSA-2002:071: kdegraphics MandrakeSoft Security Advisory MDKSA-2002:069: gv/ggv Red Hat Linux Security Advisory RHSA-2002:207-14 Red Hat Linux Security Advisory RHSA-2002:212-06 |
CAN-2002-0838 | |
| Debian 3.0 | The Jakarta Tomcat Java Servlet Engine allows access to unprocessed source code or unauthorized access to static resources. Another Debian advisory also has the number DSA-169 |
Debian Security
Advisory DSA-169-1 4 October 2002 (tomcat4) Debian Security Advisory DSA-225-1 9 January 2003 (tomcat4) |
CAN-2002-1394 | |
| Mandrake Linux 7.1-8.2; Redhat Linux 6.2-7.3 | The unzip and tar utilities allow arbitrary files to be overwritten when extracting archives. |
MandrakeSoft
Security Advisory MDKSA-2002:066: tar
MandrakeSoft
Security Advisory MDKSA-2002:065: unzip Red Hat Linux Security Advisory RHSA-2002:096-24 |
CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399 | |
| RedHat Powertools 6.2-7.1 | Untrusted users can shutdown the Zope server. ZCatalog plug-in index allows users to bypass restrictions to execute arbitrary catalog index methods. Access is not properly verified for objects with proxy roles. |
Red Hat Linux Security Advisory RHSA-2002:060-17 (Zope) |
CAN-2002-0687 CAN-2002-0688 CAN-2002-0170 | |
| Debian 3.0; Redhat Linux 7.0-7.3 | The PHP3 and PHP4 dynamic web server modules contain vulnerabilities that allow arbitrary headers to be set in email messages, set arbitrary command line parameters to sendmail, and manipulate parameters to the fopen() function. |
Debian Security
Advisory DSA-168-1 18 September 2002 (php) Red Hat Linux Security Advisory RHSA-2002:213-06 (PHP) |
CAN-2002-0985 CAN-2002-0986 | |
| SGI Irix 6.5-6.5.14 | The default root umask is applied to coredumps, which may result in disclosure of privileged information. |
SGI Advisory 20020902-01-I
|
None | |
| NetBSD 1.5-1.6beta | The kfd Kerberos credential forwarding daemon contains multiple security vulnerabilities including buffer overruns. | NetBSD Security Advisory 2002-018 | None | |
| FreeBSD 2.0-4.6 | The libkvm library used by programs such as ps opens /dev/mem and /dev/kmem but does not set the close-on-exec flag to protect against other programs gaining access to the kernel and machine memory. Several add-on packages contain vulnerabilities that may allow this problem to be exploited. |
FreeBSD SA 02:39 (libkvm)
|
None | |
| Debian 3.0 | The Konquerer web browser's cross site scripting protection contains a flaw that allows Javascript in sub-frames to access foreign sub-frames, allowing cookie stealing and other cross-site scripting attacks. |
Debian Security
Advisory DSA-167-1 16 September 2002 (konquerer) |
None | |
| NetBSD 1.4-1.6beta | Repeated use of the TIOCSCTTY ioctl can corrupt the session hold counter, which can cause the session structure to be freed and corrupt kernel memory, resulting in a denial of service or unexpected behavior. | NetBSD Security Advisory 2002-007 | None | |
| NetBSD 1.4-1.6beta | The fd_set file descriptor bitmap may be intentionally overrun by malicious local users of setuid programs, resulting in potential local vulnerabilities. | NetBSD Security Advisory 2002-014 | None | |
| NetBSD 1.4-1.6beta | The shutdown(s, SHUT_RD) system call on TCP sockets may cause a kernel memory leak, allowing local users to cause a denial of service. | NetBSD Security Advisory 2002-017 | None | |
| NetBSD 1.4-1.6beta | The setlocale() function contains a buffer overrun vulnerability that allows local users of setuid program such as xterm to gain privileges. | NetBSD Security Advisory 2002-012 | None | |
| Debian 3.0 | An attacker may execute arbitrary code via the cacti PHP frontend for rrdtool. |
Debian Security
Advisory DSA-164-1 10 September 2002 (cacti) |
None | |
| Debian 2.2 | The mhonarc mail to HTML convertor contains cross-site scripting vulnerabilities. |
Debian Security
Advisory DSA-163-1 9 September 2002 (mhonarc) |
CAN-2002-0738 | |
| Redhat Linux 7.3 | The wordtrans program is vulnerable to cross-site scripting attacks via its web interface. |
Red Hat Linux Security Advisory RHSA-2002:188-08 |
CAN-2002-0837 | |
| Debian 3.0 | The EPIC script Light may be exploited remotely to execute nearly any arbitrary code. |
Debian Security
Advisory DSA-156-1 22 August 2002 (epic-script-light) |
None | |
| Debian 3.0 | The IRC client irssi is vulnerable to a denial of service. |
Debian Security
Advisory DSA-157-1 23 August 2002 (irssi-text) |
None | |
| Debian 2.2-3.0 | The purity game contains buffer overflow vulnerabilities. |
Debian Security
Advisory DSA-166-1 13 September 2002 (purity) |
None | |
| Debian 3.0; Mandrake Linux 7.2-9.0; RedHat Linux 6.2-8.0 | The postgresql database system contains several vulnerabilities that may be exploited via queries. |
Debian Security
Advisory DSA-165-1 12 September 2002 (postgresql) MandrakeSoft Security Advisory MDKSA-2002:062: postgresql Red Hat Linux Security Advisory RHSA-2003:001-16 Red Hat Linux Security Advisory RHSA-2003:010-10 |
CAN-2002-0972 CAN-2002-1397 CAN-2002-1398 CAN-2002-1400 CAN-2002-1401 CAN-2002-1402 | |
| SCO/Caldera OpenLinux Server & Workstation 3.1-3.1.1; Mandrake Linux 8.1-8.2 | KDE's SSL implementation does not properly check certificate constraints and allows any certificate to sign other certificates. SSL-protected pages browsed via Konqueror and other KDE software may be subject to a man-in-the-middle attack as a result. |
Caldera
Security Advisory CSSA-2002-047.0 (kdelibs) MandrakeSoft Security Advisory MDKSA-2002:058: kdelibs |
CAN-2002-0970 CAN-2002-1151 | |
| Debian 3.0 | The mantis bug tracking system displays bug information without checking permissions. |
Debian Security
Advisory DSA-161-1 4 September 2002 (mantis) |
None | |
| Redhat Linux 6.2-7.3 | Certain DHCP packets can cause the PXE server to crash. |
Red Hat Linux Security Advisory RHSA-2002:162-12 |
CAN-2002-0835 | |
| SGI Irix 6.5; Redhat Linux 7.1-7.3 | The Netscape web browser contains security vulnerabilities. |
Red Hat Linux Security Advisory RHSA-2003:026-01 SGI Advisory 20020807-01-I SGI Advisory 20030102-01-I |
CAN-2002-0058 | |
| SCO/Caldera OpenLinux Server & Workstation 3.1-3.1.1; Debian 2.2-3.0; Mandrake Linux 7.2-9.0; RedHat Linux 6.2-7.3 | The python scripting language uses temporary files insecurely. |
Debian Security
Advisory DSA-159-2 9 September 2002 (python) MandrakeSoft Security Advisory MDKSA-2002:082: python Caldera Security Advisory CSSA-2002-045.0 (python) Red Hat Linux Security Advisory RHSA-2002:202-25 |
CAN-2002-1119 | |
| Debian 3.0; Mandrake Linux 7.1-8.2 | The Gaim instant messenger client allows remote users to cause arbitrary code to be executed. |
Debian Security
Advisory DSA-158-1 27 August 2002 (gaim) MandrakeSoft Security Advisory MDKSA-2002:054: gaim Red Hat Linux Security Advisory RHSA-2002:189-08 |
None | |
| Redhat Linux 7.3 | Numerous security bugs exist in the Linux kernel. |
Red Hat Linux Security Advisory RHSA-2002:158-09 |
None | |
| Debian GNU/Linux 3.0; Redhat Powertools 7.0-7.1 | The bugzilla bug tracking application contains numerous vulnerabilities. |
Debian Security
Advisory DSA-173-1 09 October 2002 (bugzilla)
Debian Security
Advisory DSA-218-1 30 December 2002 (bugzilla)
Debian Security
Advisory DSA-230-1 16 January 2003 (bugzilla) Red Hat Security Advisory RHSA-2002:109-07 |
CAN-2003-0012 CAN-2003-0013 CAN-2002-0803 CAN-2002-0804 CAN-2002-0805 CAN-2002-0806 CAN-2002-0807 CAN-2002-0808 CAN-2002-0809 CAN-2002-0810 CAN-2002-0811 | |
| FreeBSD 2.0-4.6 | Local users may execute certain system calls with large negative integer values to obtain access to privileged information in kernel memory. |
FreeBSD SA 02:38 (signed integers)
|
None | |
| SGI Irix | The Adobe Acrobat Reader version 4.05 included with IRIX 6.5 insecurely creates temporary files. |
SGI Advisory 20020806-01-I
|
CAN-2001-1069 | |
| SGI Irix | Upgrading the IRIX operating system may cause a machine's Ethernet MAC address to change, resulting in a potential problem if filtering is performed based on the MAC address. |
SGI Advisory 20020805-01-I
|
CVE-2002-0632 | |
| Debian 3.0; Mandrake Linux 8.2; Redhat Linux 7.0-8.0 | The xinetd daemon server leaks its signal pipe file descriptors to child daemons, allowing a denial of service to result. |
Debian Security
Advisory DSA-151-1 13 August 2002 (xinetd) MandrakeSoft Security Advisory MDKSA-2002:053: xinetd Red Hat Linux Security Advisory RHSA-2002:196-19 |
CAN-2002-0871 | |
| Debian 3.0 | The l2tpd layer 2 tunneling program generates guessable keys. It also contains an overwrite vulnerability. |
Debian Security
Advisory DSA-152-1 13 August 2002 (l2tpd) |
None | |
| Debian 2.2-3.0 | The Interchange e-commerce HTTP database system may allow an attacker to read any file readable by the Interchange daemon. |
Debian Security
Advisory DSA-150-1 13 August 2002 (Interchange) |
None | |
| Redhat Linux 7.0-7.1/td> | The tcl/tk applications search for shared libraries in /var/tmp and/or the current directory, allowing local users to execute arbitrary code with the privilege of the tcl/tk program. |
Red Hat Linux Security Advisory RHSA-2002:148-06 |
CAN-2001-1374 CAN-2001-1375 | |
| SGI Irix | The IRIX Bulk Data Services (BDS) software allows read access to any file on the server. |
SGI Advisory 20020804-01-P
|
CVE-2002-0632 | |
| Debian 2.2-3.0; Mandrake Linux 7.1-8.2 | The Hylafax client/server fax system contains numerous security vulnerabilities. |
Debian Security
Advisory DSA-148-1 12 August 2002 (hylafax) MandrakeSoft Security Advisory MDKSA-2002:055: hylafax |
CAN-2001-1034 | |
| Caldera OpenLinux Server 3.1-3.1.1, Workstation 3.1-3.1.1 | The cvsd program contains a locally-exploitable off-by-one vulnerability. |
Caldera
Security Advisory CSSA-2002-035.0 (cvsd) |
None | |
| Debian 3.0 | The dietlibc library contains division by zero errors in the fwrite and calloc functions. |
Debian Security
Advisory DSA-146-3 8 August 2002 (dietlibc) |
CAN-2002-0391 | |
| Debian 3.0 | The tinyproxy HTTP proxy may allow remote users to execute arbitrary code due to freeing a block of memory twice. |
Debian Security
Advisory DSA-145-1 7 August 2002 (tinyproxy) |
None | |
| FreeBSD 2.0-4.6 | A bug in the computed maximum size of a file on the FFS file system allows local users to exploit an integer overflow and gain access to arbitrary blocks in the file system. |
FreeBSD SA 02:35 (ffs)
|
None | |
| FreeBSD 2.0-4.6; NetBSD 1.4-1.6beta | A remote user can send an RPC request to the NFS server with a zero-length payload to cause an infinite loop in the kernel. |
FreeBSD SA 02:36 (nfs)
NetBSD Security Advisory 2002-013 |
None | |
| FreeBSD 4.3-4.6 | The kqueue asynchronous notification system call can be used in combination with the pipe system call by a local user to cause a kernel panic. |
FreeBSD SA 02:37 (kqueue)
|
None | |
| SGI Irix 6.5-6.5.16 | The iPlanet web servers contain buffer overflow and other vulnerabilities. |
SGI Advisory 20020803-01-P
|
CAN-2001-0327 | |
| SCO/Caldera OpenLinux Server & Workstation 3.1-3.1.1; Debian 3.0; Mandrake Linux 7.1-8.2; RedHat Linux 6.2-8.0 | The png portable network graphics library contains a buffer overflow vulnerability that may allow graphics files to execute arbitrary code. |
SCO
Security Advisory CSSA-2002-042.0 (libpng) Debian Security Advisory DSA-140-2 5 August 2002 (libpng) Debian Security Advisory DSA-213-1 December 19 2002 (libpng, libpng3) MandrakeSoft Security Advisory MDKSA-2002:049: libpng Red Hat Linux Security Advisory RHSA-2002:151-21 Red Hat Linux Security Advisory RHSA-2003:006-06 |
CAN-2002-1363 CAN-2002-0728 CAN-2002-0660 | |
| Debian 3.0; Mandrake Linux 8.1-8.2; RedHat Linux 6.2-7.3 | An integer overflow bug in the RPC library used by the Kerberos 5 administration system may be exploited to execute arbitrary code with root privilege. |
Debian Security
Advisory DSA-143-1 5 August 2002 (krb5) MandrakeSoft Security Advisory MDKSA-2002:057: krb5 Red Hat Linux Security Advisory RHSA-2002:172-07 |
CVE-2002-0391 | |
| Debian 3.0 | An integer overflow bug in the RPC library used by the OpenAFS database server may be exploited to crash OpenAFS servers or execute arbitrary code with root privilege. |
Debian Security
Advisory DSA-142-1 5 August 2002 (OpenAFS) |
None | |
| Debian 3.0 | The munpack program, which decodes MIME messages, contains vulnerabilities that may allow malformed mail messages to execute arbitrary code or create arbitrary, unexpected files. |
Debian Security
Advisory DSA-141-1 1 August 2002 (gallery) |
None | |
| SGI Irix 6.5-6.5.16 | The rpc.pcnfsd daemon contains unspecified vulnerabilities. |
SGI Advisory 20020802-01-I
|
CAN-1999-0078 | |
| Debian 3.0 | The program super, which allows users to execute certain programs with root privilege, contains a format string vulnerability that allows local users to execute unauthorized code with root privilege. |
Debian Security
Advisory DSA-139-1 1 August 2002 (gallery) |
None | |
| Debian 3.0 | A vulnerability contained in the gallery web-based photo album allows remote users to execute arbitrary commands with the privilege of the web server. |
Debian Security
Advisory DSA-138-1 1 August 2002 (gallery) |
None | |
| Many | The Sun XDR routine that handles decoding arrays contains a buffer overflow. RPC messages containing array parameters may be able to overflow buffers and cause arbitrary code to be executed. |
Caldera
Security Advisory CSSA-2003-013.0 (xdr)
SCO/Caldera
Security Advisory CSSA-2002-055.0 (xdr) Debian Security Advisory DSA-149-2 26 September 2002 (glibc) Debian Security Advisory DSA-149-1 13 August 2002 (glibc) NetBSD Security Advisory 2003-008 Red Hat Linux Security Advisory RHSA-2003:089-00 Red Hat Linux Security Advisory RHSA-2002:166-07 FreeBSD SA 03:05 (xdr) FreeBSD SA 02:34 (rpc) MandrakeSoft Security Advisory MDKSA-2003:037: glibc NetBSD Security Advisory 2002-011 SGI Advisory 20030402-01-P SGI Advisory 20020801-01-P SGI Advisory 20020801-01-A |
CVE-2003-0028 |