This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2007-07-15
Product Enterprise Linux Last view 2015-08-14
Version 4.0 Type Os
Update *  
Edition ws  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:redhat:enterprise_linux

Activity : Overall

Related : CVE

  Date Alert Description
5 2015-08-14 CVE-2015-1819

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.

4.7 2008-06-30 CVE-2008-2365

Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux (RHEL) 4, allows local users to cause a denial of service (oops) via a long series of PTRACE_ATTACH ptrace calls to another user's process that trigger a conflict between utrace_detach and report_quiescent, related to "late ptrace_may_attach() check" and "race around &dead_engine_ops setting," a different vulnerability than CVE-2007-0771 and CVE-2008-1514. NOTE: this issue might only affect kernel versions before 2.6.16.x.

7.5 2008-05-23 CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

7.2 2008-02-04 CVE-2007-4130

The Linux kernel 2.6.9 before 2.6.9-67 in Red Hat Enterprise Linux (RHEL) 4 on Itanium (ia64) does not properly handle page faults during NUMA memory access, which allows local users to cause a denial of service (panic) via invalid arguments to set_mempolicy in an MPOL_BIND operation.

4.3 2007-12-03 CVE-2006-7226

Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows context-dependent attackers to cause a denial of service (error or crash).

2.1 2007-09-17 CVE-2007-3379

Unspecified vulnerability in the kernel in Red Hat Enterprise Linux (RHEL) 4 on the x86_64 platform allows local users to cause a denial of service (OOPS) via unspecified vectors related to the get_gate_vma function and the fuser command.

6.2 2007-07-15 CVE-2007-3103

The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.

CWE : Common Weakness Enumeration

%idName
20% (1) CWE-399 Resource Management Errors
20% (1) CWE-362 Race Condition
20% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20% (1) CWE-59 Improper Link Resolution Before File Access ('Link Following')
20% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
48563 Linux Kernel ptrace / utrace Support PTRACE_ATTACH Call Handling Local DoS
45419 libxslt XSL Style-sheet File Processing Arbitrary Code Execution
40945 X.Org X Font Server (xfs) init.d Symlink Arbitrary File Permission Modification
40914 Linux Kernel NUMA Memory Access Page Fault Handling Local DoS
40755 Perl-Compatible Regular Expression (PCRE) Compiled Memory Allocation Miscalcu...
39241 Linux Kernel on RHEL get_gate_vma Function Local DoS

ExploitDB Exploits

id Description
5167 X.Org xorg-x11-xfs <= 1.0.2-3.1 - Local Race Condition Exploit

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for libxslt
File : nvt/sles10_libxslt0.nasl
2009-10-10 Name : SLES9: Security update for libxslt
File : nvt/sles9p5028020.nasl
2009-10-10 Name : SLES9: Security update for pcre
File : nvt/sles9p5015818.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015662.nasl
2009-07-06 Name : Fedora Core 10 FEDORA-2009-3651 (xorg-x11-xfs)
File : nvt/fcore_2009_3651.nasl
2009-07-06 Name : Fedora Core 9 FEDORA-2009-3666 (xorg-x11-xfs)
File : nvt/fcore_2009_3666.nasl
2009-04-09 Name : Mandriva Update for libxslt MDVSA-2008:151 (libxslt)
File : nvt/gb_mandriva_MDVSA_2008_151.nasl
2009-03-23 Name : Ubuntu Update for libxslt vulnerabilities USN-633-1
File : nvt/gb_ubuntu_USN_633_1.nasl
2009-03-23 Name : Ubuntu Update for linux, linux-source-2.6.15/20/22 vulnerabilities USN-625-1
File : nvt/gb_ubuntu_USN_625_1.nasl
2009-03-06 Name : RedHat Update for libxslt RHSA-2008:0287-01
File : nvt/gb_RHSA-2008_0287-01_libxslt.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0508-01
File : nvt/gb_RHSA-2008_0508-01_kernel.nasl
2009-03-06 Name : RedHat Update for kernel RHSA-2008:0055-01
File : nvt/gb_RHSA-2008_0055-01_kernel.nasl
2009-03-06 Name : RedHat Update for pcre RHSA-2007:1068-01
File : nvt/gb_RHSA-2007_1068-01_pcre.nasl
2009-03-06 Name : RedHat Update for pcre RHSA-2007:1059-01
File : nvt/gb_RHSA-2007_1059-01_pcre.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 x86_64
File : nvt/gb_CESA-2008_0508_kernel_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0508 centos4 i386
File : nvt/gb_CESA-2008_0508_kernel_centos4_i386.nasl
2009-02-27 Name : CentOS Update for libxslt CESA-2008:0287 centos3 x86_64
File : nvt/gb_CESA-2008_0287_libxslt_centos3_x86_64.nasl
2009-02-27 Name : CentOS Update for libxslt CESA-2008:0287 centos3 i386
File : nvt/gb_CESA-2008_0287_libxslt_centos3_i386.nasl
2009-02-27 Name : CentOS Update for libxslt CESA-2008:0287-01 centos2 i386
File : nvt/gb_CESA-2008_0287-01_libxslt_centos2_i386.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0055 centos4 x86_64
File : nvt/gb_CESA-2008_0055_kernel_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for kernel CESA-2008:0055 centos4 i386
File : nvt/gb_CESA-2008_0055_kernel_centos4_i386.nasl
2009-01-23 Name : SuSE Update for php4, php5 SUSE-SA:2008:004
File : nvt/gb_suse_2008_004.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200710-11 (xfs)
File : nvt/glsa_200710_11.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-01-17 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201701-37.nasl - Type: ACT_GATHER_INFO
2016-04-01 Name: The remote device is affected by multiple vulnerabilities.
File: appletv_9_2.nasl - Type: ACT_GATHER_INFO
2016-03-22 Name: The remote host is missing a Mac OS X update that fixes multiple vulnerabilit...
File: macosx_SecUpd2016-002.nasl - Type: ACT_GATHER_INFO
2016-03-22 Name: The remote Mac OS X host is affected by multiple vulnerabilities.
File: macosx_10_11_4.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-c24af963a2.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-037f844d3e.nasl - Type: ACT_GATHER_INFO
2016-01-25 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-32.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0049-1.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0030-1.nasl - Type: ACT_GATHER_INFO
2015-12-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3430.nasl - Type: ACT_GATHER_INFO
2015-12-29 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2015-959.nasl - Type: ACT_GATHER_INFO
2015-12-22 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20151207_libxml2_on_SL7_x.nasl - Type: ACT_GATHER_INFO
2015-12-15 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2015-628.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-2550.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2015-2550.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2015-2550.nasl - Type: ACT_GATHER_INFO
2015-11-17 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2812-1.nasl - Type: ACT_GATHER_INFO
2015-08-04 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20150722_libxml2_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2015-07-31 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2015-0097.nasl - Type: ACT_GATHER_INFO
2015-07-30 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2015-1419.nasl - Type: ACT_GATHER_INFO
2015-07-28 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2015-1419.nasl - Type: ACT_GATHER_INFO
2015-07-23 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2015-1419.nasl - Type: ACT_GATHER_INFO
2015-07-08 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201507-08.nasl - Type: ACT_GATHER_INFO
2015-07-06 Name: The remote Debian host is missing a security update.
File: debian_DLA-266.nasl - Type: ACT_GATHER_INFO
2015-07-02 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_9c7177ff1fe111e59a01bcaec565249c.nasl - Type: ACT_GATHER_INFO