This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Slackware First view 2003-12-15
Product Slackware Linux Last view 2005-12-31
Version 9.1 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:slackware:slackware_linux

Activity : Overall

Related : CVE

  Date Alert Description
5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

6.9 2005-02-09 CVE-2004-0940

Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.

10 2005-01-27 CVE-2004-0891

Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.

2.1 2005-01-27 CVE-2004-0881

getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.

1.2 2005-01-27 CVE-2004-0880

getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.

2.1 2004-08-18 CVE-2004-0233

Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.

5 2004-08-18 CVE-2004-0232

Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

2.1 2004-08-18 CVE-2004-0231

Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."

10 2004-08-18 CVE-2004-0226

Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.

7.2 2004-07-07 CVE-2004-0424

Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.

7.5 2004-01-05 CVE-2003-0977

CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.

7.5 2003-12-15 CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-399 Resource Management Errors
25% (1) CWE-189 Numeric Errors
25% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-100 Overflow Buffers
CAPEC-123 Buffer Attacks

Open Source Vulnerability Database (OSVDB)

id Description
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
12881 OpenBSD httpd mod_include Local Overflow
11003 Apache HTTP Server mod_include get_tag() Function Local Overflow
10988 Gaim MSN File Transfer Overflow DoS
10987 Gaim Malformed MSN SLP Message DoS
10986 Gaim MSN SLP Message Handling Remote Overflow
10072 getmail /tmp Symlink Local Privilege Escalation
5722 Midnight Commander Unspecified Buffer Overflows
5721 Midnight Commander Insecure Temporary File Creation
5720 Midnight Commander Unspecified Format String
5550 utempter Symlink Arbitrary File Overwrite
5547 Linux Kernel ip_setsockopt MCAST_MSFILTER macro Overflow
2941 CVS pserver Crafted Module Request Arbitrary File / Directory Creation
2898 rsync Unspecified Remote Heap Overflow

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2009-10-10 Name : SLES9: Security update for apache
File : nvt/sles9p5014050.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200312-04 (CVS)
File : nvt/glsa_200312_04.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200312-03 (rsync)
File : nvt/glsa_200312_03.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200405-05 (utempter)
File : nvt/glsa_200405_05.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200405-21 (MC)
File : nvt/glsa_200405_21.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200409-32 (getmail)
File : nvt/glsa_200409_32.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200410-23 (gaim)
File : nvt/glsa_200410_23.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200411-03 (apache)
File : nvt/glsa_200411_03.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto...
File : nvt/glsa_200601_17.nasl
2008-09-04 Name : FreeBSD Ports: rsync
File : nvt/freebsd_rsync1.nasl
2008-09-04 Name : FreeBSD Ports: mc
File : nvt/freebsd_mc0.nasl
2008-09-04 Name : FreeBSD Ports: getmail
File : nvt/freebsd_getmail.nasl
2008-09-04 Name : FreeBSD Ports: gaim, ja-gaim, ru-gaim
File : nvt/freebsd_gaim7.nasl
2008-09-04 Name : FreeBSD Ports: gaim, ja-gaim, ko-gaim, ru-gaim
File : nvt/freebsd_gaim2.nasl
2008-09-04 Name : FreeBSD Ports: apache
File : nvt/freebsd_apache0.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 404-1 (rsync)
File : nvt/deb_404_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 422-1 (cvs)
File : nvt/deb_422_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 497-1 (mc)
File : nvt/deb_497_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 553-1 (getmail)
File : nvt/deb_553_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 594-1 (apache)
File : nvt/deb_594_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl

Snort® IPS/IDS

Date Description
2015-07-28 Apache mod_include buffer overflow attempt
RuleID : 34973 - Type : SERVER-OTHER - Revision : 2
2014-01-10 CVS non-relative path access attempt
RuleID : 2318-community - Type : SERVER-OTHER - Revision : 8
2014-01-10 CVS non-relative path access attempt
RuleID : 2318 - Type : SERVER-OTHER - Revision : 8
2014-01-10 CVS non-relative path error response
RuleID : 2317-community - Type : INDICATOR-COMPROMISE - Revision : 10
2014-01-10 CVS non-relative path error response
RuleID : 2317 - Type : INDICATOR-COMPROMISE - Revision : 10
2014-01-10 rsyncd overflow attempt
RuleID : 2048 - Type : MISC - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_6e6a6b8a2fde11d9b3a20050fc56d258.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_8c33b299163b11d9ac1b000d614f7fad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_5729b8ed5d7511d880e30020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_0c6f3fde9c5111d893660020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-937.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-936.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-938.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-940.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-950.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-961.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-962.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-868.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-840.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-09.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-04.nasl - Type: ACT_GATHER_INFO
2006-02-01 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200601-17.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-2.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-1.nasl - Type: ACT_GATHER_INFO