Summary
| Detail | |||
|---|---|---|---|
| Vendor | Slackware | First view | 2018-03-06 |
| Product | Slackware Linux | Last view | 2019-11-21 |
| Version | 14.1 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:slackware:slackware_linux | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2019-11-21 | CVE-2013-7172 | Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges. |
| 9.8 | 2019-11-21 | CVE-2013-7171 | Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges. |
| 7.8 | 2018-05-01 | CVE-2018-9336 | openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation. |
| 7.5 | 2018-03-06 | CVE-2018-7184 | ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 66% (2) | CWE-20 | Improper Input Validation |
| 33% (1) | CWE-415 | Double Free |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-05-22 | Multiple Vendors NTP zero-origin timestamp denial of service attempt RuleID : 46387 - Type : SERVER-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0167.nasl - Type: ACT_GATHER_INFO |
| 2018-05-29 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201805-12.nasl - Type: ACT_GATHER_INFO |
| 2018-05-11 | Name: The remote Amazon Linux 2 host is missing a security update. File: al2_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO |
| 2018-05-11 | Name: The remote Amazon Linux AMI host is missing a security update. File: ala_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO |
| 2018-04-27 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-116-01.nasl - Type: ACT_GATHER_INFO |
| 2018-03-09 | Name: The remote NTP server is affected by multiple vulnerabilities. File: ntp_4_2_8p11.nasl - Type: ACT_GATHER_INFO |
| 2018-03-02 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-060-02.nasl - Type: ACT_GATHER_INFO |
| 2018-02-28 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_af485ef41c5811e88477d05099c0ae8c.nasl - Type: ACT_GATHER_INFO |
