This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor : Redhat
Product : Linux Advanced Workstation
Version : 2.1
Type : Os
Update : *
Edition : itanium
Language : *
Software Edition : *
Target Software : *
Target Hardware : *
Other : *
First view : 2003-07-24
Last view : 2008-05-23
 
CPE Product cpe:2.3:o:redhat:linux_advanced_workstation

Activity : Overall

Related : CVE

CVSS Date Alert Description
7.5 2008-05-23 CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

7.2 2007-10-11 CVE-2007-5365

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

8.5 2007-04-05 CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

2.6 2005-12-31 CVE-2005-1918

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

5 2005-05-02 CVE-2005-1061

The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."

5 2004-10-18 CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

7.5 2003-07-24 CVE-2003-0434

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.

CWE : Common Weakness Enumeration

% id Name
28% (2) CWE-399 Resource Management Errors
28% (2) CWE-189 Numeric Errors
28% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-79 Using Slashes in Alternate Encoding

Open Source Vulnerability Database (OSVDB)

id Description
45419 libxslt XSL Style-sheet File Processing Arbitrary Code Execution
41687 Multiple Vendor dhcpd options.c cons_options Function DHCP Request Remote Ove...
34918 X.Org X11 libXfont bdfReadCharacters Function BDF Font Handling Overflow
34917 FreeType bdfReadCharacters Function BDF Font Handling Overflow
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
15708 Red Hat logwatch secure Log Parsing DoS
15382 Mozilla Multiple Malformed HTML Tag Null Dereference DoS
9293 Multiple PDF Viewers Embedded Hyperlink Shell Metacharacter Command Execution
9063 GNU tar Extraction Arbitrary File Overwrite

ExploitDB Exploits

id Description
4601 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2010-05-12 Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for libxslt
File : nvt/sles10_libxslt0.nasl
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-19
File : nvt/gb_solaris_114265_19.nasl
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-20
File : nvt/gb_solaris_112837_20.nasl
2009-10-10 Name : SLES9: Security update for libxslt
File : nvt/sles9p5028020.nasl
2009-10-10 Name : SLES9: Security update for some XFree86 modules
File : nvt/sles9p5021116.nasl
2009-10-10 Name : SLES9: Security update for tar
File : nvt/sles9p5020240.nasl
2009-10-10 Name : SLES9: Security update for freetype2
File : nvt/sles9p5013340.nasl
2009-06-03 Name : Solaris Update for dhcp server and admin 109077-21
File : nvt/gb_solaris_109077_21.nasl
2009-06-03 Name : Solaris Update for usr/lib/inet/in.dhcpd 138877-01
File : nvt/gb_solaris_138877_01.nasl
2009-06-03 Name : Solaris Update for usr/lib/inet/in.dhcpd 138876-01
File : nvt/gb_solaris_138876_01.nasl
2009-06-03 Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-17
File : nvt/gb_solaris_114265_17.nasl
2009-06-03 Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-18
File : nvt/gb_solaris_112837_18.nasl
2009-06-03 Name : Solaris Update for dhcp server and admin 109078-21
File : nvt/gb_solaris_109078_21.nasl
2009-04-09 Name : Mandriva Update for xorg-x11 MDKSA-2007:079 (xorg-x11)
File : nvt/gb_mandriva_MDKSA_2007_079.nasl
2009-04-09 Name : Mandriva Update for xorg-x11 MDKSA-2007:079-1 (xorg-x11)
File : nvt/gb_mandriva_MDKSA_2007_079_1.nasl
2009-04-09 Name : Mandriva Update for tightvnc MDKSA-2007:080 (tightvnc)
File : nvt/gb_mandriva_MDKSA_2007_080.nasl
2009-04-09 Name : Mandriva Update for tightvnc MDKSA-2007:080-1 (tightvnc)
File : nvt/gb_mandriva_MDKSA_2007_080_1.nasl
2009-04-09 Name : Mandriva Update for freetype2 MDKSA-2007:081 (freetype2)
File : nvt/gb_mandriva_MDKSA_2007_081.nasl
2009-04-09 Name : Mandriva Update for freetype2 MDKSA-2007:081-1 (freetype2)
File : nvt/gb_mandriva_MDKSA_2007_081_1.nasl
2009-04-09 Name : Mandriva Update for libxslt MDVSA-2008:151 (libxslt)
File : nvt/gb_mandriva_MDVSA_2008_151.nasl
2009-03-23 Name : Ubuntu Update for libxslt vulnerabilities USN-633-1
File : nvt/gb_ubuntu_USN_633_1.nasl
2009-03-23 Name : Ubuntu Update for dhcp vulnerability USN-531-2
File : nvt/gb_ubuntu_USN_531_2.nasl

Snort® IPS/IDS

Date Description
2017-08-29 Sun Solaris dhcpd malformed bootp denial of service attempt
RuleID : 43752 - Type : SERVER-OTHER - Revision : 2
2014-01-10 Infinity CGI exploit scanner nph-exploitscanget.cgi access
RuleID : 2222-community - Type : SERVER-WEBAPP - Revision : 20
2014-01-10 Infinity CGI exploit scanner nph-exploitscanget.cgi access
RuleID : 2222 - Type : SERVER-WEBAPP - Revision : 20

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0287.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0150.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0132.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0126.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0125.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080521_libxslt_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_12184.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2008-151.nasl - Type: ACT_GATHER_INFO
2009-02-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-001.nasl - Type: ACT_GATHER_INFO
2008-11-14 Name: The remote host contains a web browser that is affected by several issues.
File: macosx_Safari3_2.nasl - Type: ACT_GATHER_INFO
2008-11-14 Name: The remote host contains a web browser that is affected by several issues.
File: safari_3_2.nasl - Type: ACT_GATHER_INFO
2008-10-10 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2008-007.nasl - Type: ACT_GATHER_INFO
2008-08-04 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-633-1.nasl - Type: ACT_GATHER_INFO
2008-07-29 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2008-210-03.nasl - Type: ACT_GATHER_INFO
2008-06-16 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_libxslt-5343.nasl - Type: ACT_GATHER_INFO
2008-06-16 Name: The remote openSUSE host is missing a security update.
File: suse_libxslt-5263.nasl - Type: ACT_GATHER_INFO
2008-06-04 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200806-02.nasl - Type: ACT_GATHER_INFO
2008-05-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1589.nasl - Type: ACT_GATHER_INFO
2008-05-22 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0287.nasl - Type: ACT_GATHER_INFO
2008-05-22 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0287.nasl - Type: ACT_GATHER_INFO
2008-01-08 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1454.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_freetype2-3067.nasl - Type: ACT_GATHER_INFO
2007-12-13 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_xorg-x11-server-3083.nasl - Type: ACT_GATHER_INFO