This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Gentoo First view 2003-10-06
Product Linux Last view 2006-03-24
Version 1.4 Type Os
Update rc3  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:gentoo:linux

Activity : Overall

Related : CVE

  Date Alert Description
4.6 2006-03-24 CVE-2006-1390

The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.

7.5 2005-05-02 CVE-2005-0005

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

6.8 2005-03-01 CVE-2004-1055

Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.

7.2 2004-12-31 CVE-2004-1452

Tomcat before 5.0.27-r3 in Gentoo Linux sets the default permissions on the init scripts as tomcat:tomcat, but executes the scripts with root privileges, which could allow local users in the tomcat group to execute arbitrary commands as root by modifying the scripts.

5 2004-12-23 CVE-2004-0749

The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.

7.6 2004-12-06 CVE-2004-0456

Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.

10 2004-11-23 CVE-2004-0333

Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters.

7.5 2004-08-18 CVE-2004-0432

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.

5 2004-08-18 CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

2.1 2004-08-18 CVE-2004-0231

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

10 2004-08-18 CVE-2004-0226

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

10 2004-05-04 CVE-2004-0386

Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.

7.5 2004-04-15 CVE-2004-0224

Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."

10 2003-10-06 CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

7.5 2003-10-06 CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

Open Source Vulnerability Database (OSVDB)

id Description
24105 Gentoo Linux Multiple nethack Games Saved Game Symlink Arbitrary File Overwrite
24104 Gentoo Linux Multiple nethack Games High Score Processing Local Overflow
13028 ImageMagick PSD Image Decoding Module Overflow
12238 phpMyAdmin Error Message XSS
11932 phpMyAdmin Confirm Page Form Multiple Parameter XSS
11931 phpMyAdmin read_dump.php zero_rows Parameter XSS
11930 phpMyAdmin config.inc.php PmaAbsoluteUri Parameter XSS
11537 Pavuk Multiple Unspecified Overflows
10217 Subversion (SVN) mod_authz_svn Unreadable Path Metadata Information Disclosure
8851 Gentoo Tomcat Group Root Privilege Escalation
7319 Pavuk HTTP Location Header Overflow
6927 Courier Japanese Codeset shiftjis.c Conversion Overflow
5744 ProFTPD CIDR IP Subnet ACL Bypass
5722 Midnight Commander Unspecified Buffer Overflows
5721 Midnight Commander Insecure Temporary File Creation
5720 Midnight Commander Unspecified Format String
4754 MPlayer HTTP Location Header Parsing Overflow
4194 Courier Japanese Codeset iso2022jp.c Conversion Overflow
4076 WinZip MIME Archive Parsing Overflow
2577 Sendmail prescan() Function Remote Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-05-05 Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200603-23 (nethack slashem falconseye)
File : nvt/glsa_200603_23.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-19 (pavuk)
File : nvt/glsa_200411_19.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-35 (Subversion)
File : nvt/glsa_200409_35.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-15 (tomcat)
File : nvt/glsa_200408_15.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200406-22 (Pavuk)
File : nvt/glsa_200406_22.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200405-21 (MC)
File : nvt/glsa_200405_21.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200405-09 (proftpd)
File : nvt/glsa_200405_09.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200403-13 (mplayer)
File : nvt/glsa_200403_13.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200403-06 (Courier)
File : nvt/glsa_200403_06.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-36 (phpmyadmin)
File : nvt/glsa_200411_36.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200501-26 (imagemagick)
File : nvt/glsa_200501_26.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200501-37 (GraphicsMagick)
File : nvt/glsa_200501_37.nasl
2008-09-04 Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin1.nasl
2008-09-04 Name : FreeBSD Ports: proftpd
File : nvt/freebsd_proftpd.nasl
2008-09-04 Name : FreeBSD Ports: subversion, subversion-perl, subversion-python
File : nvt/freebsd_subversion.nasl
2008-09-04 Name : FreeBSD Ports: uulib, uudeview, xdeview
File : nvt/freebsd_uulib.nasl
2008-09-04 Name : FreeBSD Ports: pavuk
File : nvt/freebsd_pavuk.nasl
2008-09-04 Name : FreeBSD Ports: mplayer, mplayer-gtk, mplayer-esound, mplayer-gtk-esound
File : nvt/freebsd_mplayer1.nasl
2008-09-04 Name : FreeBSD Ports: mc
File : nvt/freebsd_mc0.nasl
2008-09-04 Name : FreeBSD Ports: courier
File : nvt/freebsd_courier.nasl
2008-09-04 Name : FreeBSD Ports: ImageMagick
File : nvt/freebsd_ImageMagick0.nasl
2008-01-17 Name : Debian Security Advisory DSA 497-1 (mc)
File : nvt/deb_497_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 646-1 (imagemagick)
File : nvt/deb_646_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 527-1 (pavuk)
File : nvt/deb_527_1.nasl

Snort® IPS/IDS

Date Description
2014-01-10 RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10 RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10 WinZip MIME content-disposition buffer overflow
RuleID : 2488-community - Type : SERVER-MAIL - Revision : 18
2014-01-10 WinZip MIME content-disposition buffer overflow
RuleID : 2488 - Type : SERVER-MAIL - Revision : 18
2014-01-10 WinZip MIME content-type buffer overflow
RuleID : 2487-community - Type : SERVER-MAIL - Revision : 17
2014-01-10 WinZip MIME content-type buffer overflow
RuleID : 2487 - Type : SERVER-MAIL - Revision : 17
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10 RCPT TO overflow
RuleID : 18574 - Type : SERVER-MAIL - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_cb6c6c299c4f11d893660020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_76904dceccf311d8babb000854d03344.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_184f5d0b0fe811d98a8a000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_0c6f3fde9c5111d893660020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35485.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35483.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35484.nasl - Type: ACT_GATHER_INFO
2006-03-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200603-23.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-62-1.nasl - Type: ACT_GATHER_INFO
2005-09-12 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-235.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2004-136-01.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_98bd69c3834b11d8a41f0020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_597e2bee68ea11d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2005-05-19 Name: The remote Fedora Core host is missing a security update.
File: fedora_2005-234.nasl - Type: ACT_GATHER_INFO
2005-04-02 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-065.nasl - Type: ACT_GATHER_INFO
2005-03-25 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-070.nasl - Type: ACT_GATHER_INFO
2005-02-22 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2005-071.nasl - Type: ACT_GATHER_INFO
2005-02-16 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_30224.nasl - Type: ACT_GATHER_INFO
2005-02-16 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_29912.nasl - Type: ACT_GATHER_INFO
2005-02-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200501-37.nasl - Type: ACT_GATHER_INFO
2005-02-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200501-26.nasl - Type: ACT_GATHER_INFO
2005-01-19 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-646.nasl - Type: ACT_GATHER_INFO
2004-11-27 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200411-36.nasl - Type: ACT_GATHER_INFO
2004-11-19 Name: The remote web server contains a PHP script that is susceptible to cross-site...
File: phpMyAdmin_xss.nasl - Type: ACT_GATHER_INFO
2004-11-13 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200411-19.nasl - Type: ACT_GATHER_INFO