This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 1994-12-19
Product Linux Last view 2018-12-21
Version 6.0 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:redhat:linux

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.1 2018-12-21 CVE-2018-20346

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

7.5 2018-10-09 CVE-2018-17962

Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used.

6.2 2002-08-12 CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.

3.6 2002-01-31 CVE-2002-0044

GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.

4.6 2001-12-21 CVE-2001-0886

Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.

7.5 2001-06-27 CVE-2001-0473

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

7.2 2001-05-28 CVE-2001-1028

Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.

10 2001-03-26 CVE-2001-0233

Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.

10 2001-03-26 CVE-2001-0197

Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.

7.2 2001-01-09 CVE-2000-1134

Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via a symlink attack.

10 2000-11-14 CVE-2000-0844

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

7.5 2000-10-20 CVE-2000-0751

mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.

7.5 2000-10-20 CVE-2000-0750

Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.

6.2 2000-10-20 CVE-2000-0031

The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.

7.2 2000-05-03 CVE-2000-0378

The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in.

7.2 2000-02-26 CVE-2000-0170

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

10 2000-01-08 CVE-2000-1221

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

10 2000-01-08 CVE-2000-1220

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

7.5 1999-12-20 CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

4.6 1999-10-07 CVE-1999-1347

Xsession in Red Hat Linux 6.1 and earlier can allow local users with restricted accounts to bypass execution of the .xsession file by starting kde, gnome or anotherlevel from kdm.

7.5 1999-10-07 CVE-1999-1346

PAM configuration file for rlogin in Red Hat Linux 6.1 and earlier includes a less restrictive rule before a more restrictive one, which allows users to access the host via rlogin even if rlogin has been explicitly disabled using the /etc/nologin file.

10 1999-10-04 CVE-1999-1542

RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.

7.5 1999-09-01 CVE-1999-0705

Buffer overflow in INN inews program.

7.5 1999-08-21 CVE-2000-0355

pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.

6.4 1999-08-19 CVE-1999-0740

Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-190 Integer Overflow or Wraparound
25% (1) CWE-264 Permissions, Privileges, and Access Controls
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-18 Embedding Scripts in Nonscript Elements
CAPEC-63 Simple Script Injection
CAPEC-73 User-Controlled Filename

SAINT Exploits

Description Link
SSH password weakness More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
56526 Red Hat Linux net-tools Multiple Unspecified Overflows
56382 Centreon Nagios Virtual Appliance Default Account
17208 Multiple Linux lpr lpd DNS Resolution Remote Privilege Escalation
17207 Multiple Linux lpr lpd -C Parameter Local Privilege Escalation
16030 INN inews Local Overflow
14794 Multiple Unix Vendor locale subsystem Multiple Function Format String
14158 Multiple Unix Shell << Redirect Symlink Arbitrary File Overwrite
13662 Red Hat Linux /dev/pts Insecure Permission Arbitrary tty Write
13661 Red Hat Linux screen / rxvt Device Insecure Permission
13658 SuSE Linux pbpg Package pb Arbitrary File Access
13657 SuSE Linux pbpg Package pg Arbitrary File Access
13499 Red Hat Linux Xsession .xsession Restricted Account Bypass
13026 Red Hat Linux rlogin PAM Config File Malformed Ruleset
11500 xmcd XMCD_CDDBPATH Variable Local Overflow
11281 Red Hat pump DHCP Client Remote Privilege Escalation
9052 sudo File Existence Information Disclosure
7581 Red Hat initscripts Symlink Privilege Escalation
7306 Red Hat Linux rpc.lockd Malformed Request DoS
6988 mICQ Client Description Overflow
6318 RPMMail "MAIL FROM" Shell Metacharacter Command Execution
6069 Linuxconf Improper PAM Shutdown DoS
5615 Mutt IMAP Handling Remote Format String
5478 man ultimate_source Function Local Overflow
5164 util-linux setpwnam.c Open File Descriptor Race
2030 GNU Enscript Insecure Temporary File Creation

OpenVAS Exploits

id Description
2009-10-10 Name : SLES9: Security update for squid
File : nvt/sles9p5015546.nasl
2009-06-03 Name : Solaris Update for csh/pfcsh 110898-15
File : nvt/gb_solaris_110898_15.nasl
2009-05-05 Name : HP-UX Update for Shells HPSBUX00275
File : nvt/gb_hp_ux_HPSBUX00275.nasl
2008-09-04 Name : FreeBSD Ports: squid
File : nvt/freebsd_squid13.nasl
2008-01-17 Name : Debian Security Advisory DSA 012-1 (micq)
File : nvt/deb_012_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 103-1 (glibc)
File : nvt/deb_103_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 105-1 (enscript)
File : nvt/deb_105_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 377-1 (wu-ftpd)
File : nvt/deb_377_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 576-1 (squid)
File : nvt/deb_576_1.nasl
2005-11-03 Name : MPEi/X Default Accounts
File : nvt/DDI_MPEiX_FTP_Accounts.nasl
2005-11-03 Name : Netscape Enterprise Default Administrative Password
File : nvt/DDI_Netscape_Enterprise_Default_Administrative_Password.nasl
2005-11-03 Name : RedHat 6.0 cachemgr.cgi
File : nvt/cachemgr_cgi.nasl
2005-11-03 Name : Default password router Pirelli AGE mB
File : nvt/pirelli_router_default_password.nasl
2005-11-03 Name : wu-ftpd SITE EXEC vulnerability
File : nvt/wu_ftpd_site_exec.nasl
0000-00-00 Name : Slackware Advisory SSA:2003-259-03 WU-FTPD Security Advisory
File : nvt/esoft_slk_ssa_2003_259_03.nasl

Snort® IPS/IDS

Date Description
2019-02-05 SQLite FTS integer overflow attempt
RuleID : 48786 - Type : SERVER-OTHER - Revision : 2
2019-02-05 SQLite FTS integer overflow attempt
RuleID : 48785 - Type : SERVER-OTHER - Revision : 2
2014-01-10 tar parameters
RuleID : 362-community - Type : PROTOCOL-FTP - Revision : 20
2014-01-10 tar parameters
RuleID : 362 - Type : PROTOCOL-FTP - Revision : 20
2014-01-10 portmap nlockmgr request TCP
RuleID : 2080-community - Type : PROTOCOL-RPC - Revision : 13
2014-01-10 portmap nlockmgr request TCP
RuleID : 2080 - Type : PROTOCOL-RPC - Revision : 13
2014-01-10 portmap nlockmgr request UDP
RuleID : 2079-community - Type : PROTOCOL-RPC - Revision : 15
2014-01-10 portmap nlockmgr request UDP
RuleID : 2079 - Type : PROTOCOL-RPC - Revision : 15
2014-01-10 format string attempt
RuleID : 1530 - Type : FTP - Revision : 14
2014-01-10 wu-ftp bad file completion attempt
RuleID : 1378-community - Type : PROTOCOL-FTP - Revision : 24
2014-01-10 wu-ftp bad file completion attempt
RuleID : 1378 - Type : PROTOCOL-FTP - Revision : 24
2014-01-10 wu-ftp bad file completion attempt
RuleID : 1377-community - Type : PROTOCOL-FTP - Revision : 24
2014-01-10 wu-ftp bad file completion attempt
RuleID : 1377 - Type : PROTOCOL-FTP - Revision : 24
2014-01-10 cachemgr.cgi access
RuleID : 1206-community - Type : SERVER-WEBAPP - Revision : 18
2014-01-10 cachemgr.cgi access
RuleID : 1206 - Type : SERVER-WEBAPP - Revision : 18

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-87f2ace20d.nasl - Type: ACT_GATHER_INFO
2018-12-24 Name: The remote Debian host is missing a security update.
File: debian_DLA-1613.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1599.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4338.nasl - Type: ACT_GATHER_INFO
2017-12-01 Name: The remote host has an account with a default password.
File: account_admin_QwestM0dem.nasl - Type: ACT_GATHER_INFO
2017-04-07 Name: The remote system can be accessed with a default administrator account.
File: account_admin_adminIWSS85.nasl - Type: ACT_GATHER_INFO
2017-04-07 Name: The remote system can be accessed with a default administrator account.
File: account_root_adminIWSS85.nasl - Type: ACT_GATHER_INFO
2016-11-10 Name: The remote system can be accessed with a default administrator account.
File: account_admin_Passw0rd.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_666666_666666.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_888888_888888.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote host has an account with no password set.
File: account_admin.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin1_password.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_1111.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_1111111.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_1234.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_12345.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_123456.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_4321.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_54321.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_7ujMko0admin.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_admin1234.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_meinsm.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_pass.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_admin_smcadmin.nasl - Type: ACT_GATHER_INFO
2016-10-28 Name: The remote system can be accessed with a default administrator account.
File: account_administrator_1234.nasl - Type: ACT_GATHER_INFO