This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2002-12-11
Product Linux Advanced Workstation Last view 2008-05-23
Version Type Os
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:ia64:*:*:*:*:* 47
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:* 46
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium:*:*:*:*:* 10
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:*:*:*:*:*:* 5
cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:as:*:*:*:*:* 3

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2008-05-23 CVE-2008-1767

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.

7.2 2007-10-11 CVE-2007-5365

Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.

8.5 2007-04-05 CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

10 2006-12-07 CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

2.6 2005-12-31 CVE-2005-1918

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

7.5 2005-06-13 CVE-2005-1760

sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

4.6 2005-05-04 CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

5 2005-05-02 CVE-2005-1061

The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."

3.7 2005-05-02 CVE-2005-0988

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

4.6 2005-05-02 CVE-2005-0078

The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session.

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5 2005-04-14 CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5 2005-04-14 CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

5 2005-04-14 CVE-2004-1174

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

5 2005-04-14 CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5 2005-04-14 CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5 2005-04-14 CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5 2005-04-14 CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

5 2005-04-14 CVE-2004-1009

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

7.5 2005-04-14 CVE-2004-1005

Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5 2005-04-14 CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5 2005-03-08 CVE-2005-0699

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CWE : Common Weakness Enumeration

%idName
28% (2) CWE-399 Resource Management Errors
28% (2) CWE-189 Numeric Errors
28% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-6 Argument Injection
CAPEC-15 Command Delimiters
CAPEC-79 Using Slashes in Alternate Encoding

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:1160 Safe.PM Unsafe Code Execution Vulnerability
oval:org.mitre.oval:def:10736 The Internet Group Management Protocol (IGMP) allows local users to cause a d...
oval:org.mitre.oval:def:664 Code Execution Vulnerability in XPDF PDF Viewer
oval:org.mitre.oval:def:113 X Display Manager Control Protocol Denial of Service
oval:org.mitre.oval:def:129 GDM X Display Manager Authorization Vulnerability
oval:org.mitre.oval:def:387 C-Media Sound Driver Userspace Access Vulnerability II
oval:org.mitre.oval:def:11337 The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local us...
oval:org.mitre.oval:def:846 Red Hat gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:845 Red Hat Enterprise 3 gdk-pixbuf Denial of Service
oval:org.mitre.oval:def:10574 gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) ...
oval:org.mitre.oval:def:971 libpng Malformed PNG Image Vulnerability
oval:org.mitre.oval:def:11710 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows atta...
oval:org.mitre.oval:def:9854 Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0...
oval:org.mitre.oval:def:9931 The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers...
oval:org.mitre.oval:def:10252 The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote at...
oval:org.mitre.oval:def:9721 The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers ...
oval:org.mitre.oval:def:8896 Multiple vulnerabilities in the RLE (run length encoding) decoders for libtif...
oval:org.mitre.oval:def:100114 libtiff RLE Decoder Buffer Overflow Vulnerabilities
oval:org.mitre.oval:def:8843 Multiple heap-based buffer overflows in the imlib BMP image handler allow rem...
oval:org.mitre.oval:def:11123 Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4....
oval:org.mitre.oval:def:9969 Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3...
oval:org.mitre.oval:def:10330 Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 ...
oval:org.mitre.oval:def:9907 Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attacker...
oval:org.mitre.oval:def:100116 libtiff Malloc Error Denial of Service
oval:org.mitre.oval:def:9714 Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use x...

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
55381 GNU libc (glibc) getifaddrs Function Netlink Interface Spoofed Message Local DoS
45419 libxslt XSL Style-sheet File Processing Arbitrary Code Execution
44330 CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow
41687 Multiple Vendor dhcpd options.c cons_options Function DHCP Request Remote Ove...
34918 X.Org X11 libXfont bdfReadCharacters Function BDF Font Handling Overflow
34917 FreeType bdfReadCharacters Function BDF Font Handling Overflow
31832 GnuPG OpenPGP Packet Decryption Overflow
22509 IGMP Spoofed Membership Report DoS
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
17302 Red Hat sysreport up2date Proxy Password Cleartext Disclosure
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
16088 NASM ieee_putascii() Function ASM File Overflow
15708 Red Hat logwatch secure Log Parsing DoS
15487 gzip Race Condition Arbitrary File Permission Modification
15382 Mozilla Multiple Malformed HTML Tag Null Dereference DoS
14612 Ethereal 3GPP2 A11 Dissector dissect_a11_radius() Function Overflow
14570 Sylpheed Message Header Processing Overflow
13204 KDE Screensaver Crash Local Bypass
13149 Xpdf Multiple Unspecified Remote Overflows
12911 Midnight Commander Unspecified Underflow DoS
12910 Midnight Commander Insecure Filename Quoting Arbitrary Command Execution
12909 Midnight Commander Nonexistent File Descriptor Handling DoS

ExploitDB Exploits

id Description
24259 Ethereal 0.x Multiple Unspecified iSNS, SMB and SNMP Protocol Dissector Vulne...
4601 Ubuntu 6.06 DHCPd bug Remote Denial of Service Exploit

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-10 Name : Slackware Advisory SSA:2011-210-01 libpng
File : nvt/esoft_slk_ssa_2011_210_01.nasl
2012-07-09 Name : RedHat Update for libpng RHSA-2011:1105-01
File : nvt/gb_RHSA-2011_1105-01_libpng.nasl
2012-04-11 Name : Fedora Update for libpng10 FEDORA-2012-5079
File : nvt/gb_fedora_2012_5079_libpng10_fc15.nasl
2012-04-02 Name : Fedora Update for libpng10 FEDORA-2012-3536
File : nvt/gb_fedora_2012_3536_libpng10_fc15.nasl
2012-03-07 Name : Fedora Update for libpng10 FEDORA-2012-2008
File : nvt/gb_fedora_2012_2008_libpng10_fc15.nasl
2011-10-21 Name : Mandriva Update for libpng MDVSA-2011:151 (libpng)
File : nvt/gb_mandriva_MDVSA_2011_151.nasl
2011-08-02 Name : Fedora Update for libpng FEDORA-2011-9336
File : nvt/gb_fedora_2011_9336_libpng_fc14.nasl
2011-07-27 Name : Fedora Update for libpng10 FEDORA-2011-8844
File : nvt/gb_fedora_2011_8844_libpng10_fc15.nasl
2011-07-27 Name : Fedora Update for libpng10 FEDORA-2011-8867
File : nvt/gb_fedora_2011_8867_libpng10_fc14.nasl
2011-07-22 Name : Fedora Update for libpng FEDORA-2011-9343
File : nvt/gb_fedora_2011_9343_libpng_fc15.nasl
2011-07-18 Name : Fedora Update for mingw32-libpng FEDORA-2011-8868
File : nvt/gb_fedora_2011_8868_mingw32-libpng_fc14.nasl
2011-07-18 Name : Fedora Update for mingw32-libpng FEDORA-2011-8874
File : nvt/gb_fedora_2011_8874_mingw32-libpng_fc15.nasl
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2010-05-12 Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 112837-20
File : nvt/gb_solaris_112837_20.nasl
2009-10-13 Name : Solaris Update for in.dhcpd libresolv and BIND9 114265-19
File : nvt/gb_solaris_114265_19.nasl
2009-10-13 Name : SLES10: Security update for libxslt
File : nvt/sles10_libxslt0.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5010817.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5010966.nasl
2009-10-10 Name : SLES9: Security update for Midnight Commander
File : nvt/sles9p5011441.nasl
2009-10-10 Name : SLES9: Security update for kdelibs3
File : nvt/sles9p5011912.nasl
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5012017.nasl
2009-10-10 Name : SLES9: Security update for freetype2
File : nvt/sles9p5013340.nasl
2009-10-10 Name : SLES9: Security update for gnome-vfs2,gnome-vfs2-doc
File : nvt/sles9p5014116.nasl

Snort® IPS/IDS

Date Description
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1
2017-08-29 Sun Solaris dhcpd malformed bootp denial of service attempt
RuleID : 43752 - Type : SERVER-OTHER - Revision : 2
2014-01-10 Microsoft Windows Bitmap width integer overflow multipacket attempt
RuleID : 3634 - Type : WEB-CLIENT - Revision : 9
2014-01-10 Microsoft Windows Bitmap width integer overflow attempt
RuleID : 3632 - Type : FILE-IMAGE - Revision : 25
2015-10-01 Microsoft Windows Bitmap width integer overflow attempt
RuleID : 35848 - Type : FILE-IMAGE - Revision : 3
2014-01-10 RADIUS ATTR_TYPE_STR overflow attempt
RuleID : 3541 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS registration vendor ATTR_TYPE_STR overflow attempt
RuleID : 3540 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS MSID overflow attempt
RuleID : 3539 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS registration MSID overflow attempt
RuleID : 3538 - Type : SERVER-OTHER - Revision : 7
2014-01-10 Infinity CGI exploit scanner nph-exploitscanget.cgi access
RuleID : 2222-community - Type : SERVER-WEBAPP - Revision : 20
2014-01-10 Infinity CGI exploit scanner nph-exploitscanget.cgi access
RuleID : 2222 - Type : SERVER-WEBAPP - Revision : 20
2014-01-10 Metamail header length exploit attempt
RuleID : 22115 - Type : SERVER-MAIL - Revision : 6
2014-01-10 Metamail header length exploit attempt
RuleID : 22114 - Type : SERVER-MAIL - Revision : 6
2014-01-10 Metamail header length exploit attempt
RuleID : 22113 - Type : SERVER-MAIL - Revision : 6
2014-01-10 Metamail format string exploit attempt
RuleID : 22112 - Type : SERVER-MAIL - Revision : 5
2014-01-10 Metamail format string exploit attempt
RuleID : 22111 - Type : SERVER-MAIL - Revision : 5
2014-01-10 Metamail format string exploit attempt
RuleID : 22110 - Type : SERVER-MAIL - Revision : 4
2014-01-10 SMB client TRANS response ring0 remote code execution attempt
RuleID : 16531 - Type : NETBIOS - Revision : 11
2014-01-10 Samba unicode filename buffer overflow attempt
RuleID : 15986 - Type : SERVER-SAMBA - Revision : 8
2014-01-10 Samba wildcard filename matching denial of service attempt
RuleID : 15581 - Type : SERVER-SAMBA - Revision : 5

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-12 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2006-0754.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0125.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0126.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0132.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0150.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0287.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080521_libxslt_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2011-10-18 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2011-151.nasl - Type: ACT_GATHER_INFO
2011-08-01 Name: The remote Fedora host is missing a security update.
File: fedora_2011-9336.nasl - Type: ACT_GATHER_INFO
2011-07-25 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8844.nasl - Type: ACT_GATHER_INFO
2011-07-25 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8867.nasl - Type: ACT_GATHER_INFO
2011-07-19 Name: The remote Fedora host is missing a security update.
File: fedora_2011-9343.nasl - Type: ACT_GATHER_INFO
2011-07-18 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8868.nasl - Type: ACT_GATHER_INFO
2011-07-18 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8874.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10009.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10010.nasl - Type: ACT_GATHER_INFO