Summary
| Detail | |||
|---|---|---|---|
| Vendor | Redhat | First view | 1996-11-16 |
| Product | Linux | Last view | 2007-09-24 |
| Version | 4.0 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:redhat:linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6 | 2007-09-24 | CVE-2007-5079 | Red Hat Enterprise Linux 4 does not properly compile and link gdm with tcp_wrappers on x86_64 platforms, which might allow remote attackers to bypass intended access restrictions. |
| 4.6 | 2001-12-21 | CVE-2001-0886 | Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |
| 7.2 | 2000-02-26 | CVE-2000-0170 | Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. |
| 10 | 2000-01-08 | CVE-2000-1220 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. |
| 6.4 | 1999-12-31 | CVE-1999-1335 | snmpd server in cmu-snmp SNMP package before 3.3-1 in Red Hat Linux 4.0 is configured to allow remote attackers to read and write sensitive information. |
| 7.5 | 1999-12-31 | CVE-1999-1333 | automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded. |
| 2.1 | 1999-12-31 | CVE-1999-1332 | gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file. |
| 7.2 | 1999-12-31 | CVE-1999-1329 | Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges. |
| 4.6 | 1999-10-07 | CVE-1999-1347 | Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm. |
| 7.5 | 1999-10-07 | CVE-1999-1346 | PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file. |
| 7.2 | 1999-08-25 | CVE-1999-0872 | Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| 7.2 | 1999-08-25 | CVE-1999-0769 | Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable. |
| 2.1 | 1999-06-30 | CVE-1999-1348 | Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service. |
| 7.2 | 1999-06-09 | CVE-2000-0118 | The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing. |
| 7.2 | 1999-01-04 | CVE-1999-0390 | Buffer overflow in Dosemu Slang library in Linux. |
| 10 | 1998-10-12 | CVE-1999-0002 | Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. |
| 10 | 1998-04-08 | CVE-1999-0009 | Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| 10 | 1997-10-18 | CVE-1999-0192 | Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| 7.2 | 1997-07-17 | CVE-1999-1182 | Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error. |
| 7.2 | 1997-05-29 | CVE-1999-0034 | Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| 10 | 1997-04-07 | CVE-1999-0042 | Buffer overflow in University of Washington's implementation of IMAP and POP servers. |
| 7.2 | 1997-02-20 | CVE-1999-0868 | ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN. |
| 7.5 | 1997-02-13 | CVE-1999-0041 | Buffer overflow in NLS (Natural Language Service). |
| 10 | 1997-02-03 | CVE-1999-1299 | rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file. |
| 10 | 1996-12-04 | CVE-1999-0043 | Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 40139 | Red Hat Enterprise Linux gdm x86_64 tcp_wrappers Remote Access Bypass |
| 17207 | Multiple Linux lpr lpd -C Parameter Local Privilege Escalation |
| 13635 | Red Hat Linux su Failed Password Logging Weakness |
| 13499 | Red Hat Linux Xsession .xsession Restricted Account Bypass |
| 13026 | Red Hat Linux rlogin PAM Config File Malformed Ruleset |
| 13025 | Multiple Vendor Linux rcp nobody User Arbitrary File Overwrite |
| 11731 | UoW IMAP/POP server_login() Function Remote Overflow |
| 11276 | INN ucbmail Arbitrary Remote Command Execution |
| 11064 | Red Hat Linux SysVInit Local Overflow |
| 10870 | Perl suidperl Unspecified Local Overflow |
| 8219 | Linux ld-linux.so Program Name Overflow |
| 8218 | Linux ld.so Program Name Overflow |
| 8107 | CMU SNMP snmpd Server Remote Information Modification |
| 7550 | cron MAILTO Overflow Privilege Escalation |
| 6111 | NcFTP Shell Metacharacter Command Execution |
| 6069 | Linuxconf Improper PAM Shutdown DoS |
| 3812 | gzip gzexe Insecure Temp File Creation |
| 2007 | GNU libc (glibc) glob Function Remote Overflow |
| 1233 | Linux man MANPAGER Variable Local Overflow |
| 1114 | Sendmail Daemon Mode Local Privilege Escalation |
| 1109 | Multiple Vendor Natural Language Service (NLS) Local Overflow |
| 1093 | INN Control Message Arbitrary Command Execution |
| 1061 | Vixie Cron MAILTO Sendmail Variable Manipulation |
| 1047 | Multiple BSD Termcap tgetent() Overflow |
| 927 | Linux Dosemu S-Lang Multiple Variable Local Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-08-30 | Name : CentOS Update for gdm CESA-2010:0657 centos4 i386 File : nvt/gb_CESA-2010_0657_gdm_centos4_i386.nasl |
| 2010-08-30 | Name : RedHat Update for gdm RHSA-2010:0657-02 File : nvt/gb_RHSA-2010_0657-02_gdm.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 103-1 (glibc) File : nvt/deb_103_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 308-1 (gzip) File : nvt/deb_308_1.nasl |
| 2005-11-03 | Name : Sendmail 8.7.*/8.8.* local overflow File : nvt/sendmail_daemon_mode.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | x86 Linux mountd overflow RuleID : 317-community - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | x86 Linux mountd overflow RuleID : 317 - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | x86 Linux mountd overflow RuleID : 316-community - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | x86 Linux mountd overflow RuleID : 316 - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | UDP inverse query overflow RuleID : 3154-community - Type : PROTOCOL-DNS - Revision : 12 |
| 2014-01-10 | UDP inverse query overflow RuleID : 3154 - Type : PROTOCOL-DNS - Revision : 12 |
| 2014-01-10 | TCP inverse query overflow RuleID : 3153-community - Type : PROTOCOL-DNS - Revision : 9 |
| 2014-01-10 | TCP inverse query overflow RuleID : 3153 - Type : PROTOCOL-DNS - Revision : 9 |
| 2014-01-10 | x86 Linux mountd overflow RuleID : 315-community - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | x86 Linux mountd overflow RuleID : 315 - Type : OS-LINUX - Revision : 11 |
| 2014-01-10 | authenticate literal overflow attempt RuleID : 2105-community - Type : PROTOCOL-IMAP - Revision : 16 |
| 2014-01-10 | authenticate literal overflow attempt RuleID : 2105 - Type : PROTOCOL-IMAP - Revision : 16 |
| 2014-01-10 | authenticate overflow attempt RuleID : 1844-community - Type : PROTOCOL-IMAP - Revision : 18 |
| 2014-01-10 | authenticate overflow attempt RuleID : 1844 - Type : PROTOCOL-IMAP - Revision : 18 |
| 2014-01-10 | wu-ftp bad file completion attempt RuleID : 1378-community - Type : PROTOCOL-FTP - Revision : 24 |
| 2014-01-10 | wu-ftp bad file completion attempt RuleID : 1378 - Type : PROTOCOL-FTP - Revision : 24 |
| 2014-01-10 | wu-ftp bad file completion attempt RuleID : 1377-community - Type : PROTOCOL-FTP - Revision : 24 |
| 2014-01-10 | wu-ftp bad file completion attempt RuleID : 1377 - Type : PROTOCOL-FTP - Revision : 24 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2013-07-12 | Name: The remote Oracle Linux host is missing a security update. File: oraclelinux_ELSA-2010-0657.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing a security update. File: sl_20100826_gdm_on_SL4_x.nasl - Type: ACT_GATHER_INFO |
| 2010-08-29 | Name: The remote CentOS host is missing a security update. File: centos_RHSA-2010-0657.nasl - Type: ACT_GATHER_INFO |
| 2010-08-27 | Name: The remote Red Hat host is missing a security update. File: redhat-RHSA-2010-0657.nasl - Type: ACT_GATHER_INFO |
| 2005-02-16 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_12957.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-103.nasl - Type: ACT_GATHER_INFO |
| 2004-09-29 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-308.nasl - Type: ACT_GATHER_INFO |
| 2004-07-31 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2001-095.nasl - Type: ACT_GATHER_INFO |
| 2004-07-31 | Name: The remote Mandrake Linux host is missing a security update. File: mandrake_MDKSA-2003-068.nasl - Type: ACT_GATHER_INFO |
| 2003-03-12 | Name: The remote service has a buffer overflow vulnerability. File: mountd_overflow.nasl - Type: ACT_DESTRUCTIVE_ATTACK |
| 2003-03-11 | Name: The remote host has an application that is affected by a local privilege esca... File: sendmail_daemon_mode.nasl - Type: ACT_GATHER_INFO |
| 2002-04-02 | Name: It is possible to use the remote name server to break into the remote host. File: bind_iquery.nasl - Type: ACT_GATHER_INFO |
| 1999-08-25 | Name: The remote NNTP server is affected by multiple vulnerabilities. File: inn.nasl - Type: ACT_GATHER_INFO |
| 1999-06-22 | Name: The remote mail server is vulnerable to a buffer overflow. File: imap_overflow.nasl - Type: ACT_DESTRUCTIVE_ATTACK |
