Summary
Detail | |||
---|---|---|---|
Vendor | Ubuntu | First view | 2006-07-18 |
Product | Ubuntu Linux | Last view | 2007-02-23 |
Version | 6.06_lts | Type | Os |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:ubuntu:ubuntu_linux |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.8 | 2007-02-23 | CVE-2006-5877 | The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to cause a denial of service (crash), as demonstrated with Mozilla Thunderbird. |
4.6 | 2006-12-13 | CVE-2006-5649 | Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors. |
5.4 | 2006-11-06 | CVE-2006-5466 | Heap-based buffer overflow in the showQueryPackage function in librpm in RPM Package Manager 4.4.8, when the LANG environment variable is set to ru_RU.UTF-8, might allow user-assisted attackers to execute arbitrary code via crafted RPM packages. |
7.6 | 2006-07-28 | CVE-2006-3747 | Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. |
7.2 | 2006-07-18 | CVE-2006-3597 | passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-189 | Numeric Errors |
SAINT Exploits
Description | Link |
---|---|
Apache mod_rewrite LDAP URL buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
45258 | enigmail Extension Encrypted File Attachment Handling DoS |
31373 | Linux PowerPC kernel Alignment Check Exception Handling DoS |
30209 | RPM Package Manager showQueryPackage Function Overflow |
27588 | Apache HTTP Server mod_rewrite LDAP Protocol URL Handling Overflow |
27091 | Ubuntu Linux Alternate/Server CD Installer Empty root Password |
ExploitDB Exploits
id | Description |
---|---|
3680 | Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32) |
2237 | Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC |
OpenVAS Exploits
id | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.3 Update / Mac OS X Security Update 2008-003 File : nvt/macosx_upd_10_5_3_secupd_2008-003.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122912-19 File : nvt/gb_solaris_122912_19.nasl |
2010-02-03 | Name : Solaris Update for Apache 1.3 122911-19 File : nvt/gb_solaris_122911_19.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122912-17 File : nvt/gb_solaris_122912_17.nasl |
2009-10-13 | Name : Solaris Update for Apache 1.3 122911-17 File : nvt/gb_solaris_122911_17.nasl |
2009-10-10 | Name : SLES9: Security update for Apache2 File : nvt/sles9p5021257.nasl |
2009-10-10 | Name : SLES9: Security update for Apache and mod_ssl File : nvt/sles9p5018358.nasl |
2009-10-10 | Name : SLES9: Security update for Linux kernel File : nvt/sles9p5012650.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122911-16 File : nvt/gb_solaris_122911_16.nasl |
2009-09-23 | Name : Solaris Update for Apache 1.3 122912-16 File : nvt/gb_solaris_122912_16.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120544-14 File : nvt/gb_solaris_120544_14.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122911-15 File : nvt/gb_solaris_122911_15.nasl |
2009-06-03 | Name : Solaris Update for Apache 116974-07 File : nvt/gb_solaris_116974_07.nasl |
2009-06-03 | Name : Solaris Update for Apache 116973-07 File : nvt/gb_solaris_116973_07.nasl |
2009-06-03 | Name : Solaris Update for Apache 1.3 122912-15 File : nvt/gb_solaris_122912_15.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 114145-11 File : nvt/gb_solaris_114145_11.nasl |
2009-06-03 | Name : Solaris Update for Apache Security 113146-12 File : nvt/gb_solaris_113146_12.nasl |
2009-06-03 | Name : Solaris Update for Apache 2 120543-14 File : nvt/gb_solaris_120543_14.nasl |
2009-03-23 | Name : Ubuntu Update for enigmail vulnerability USN-427-1 File : nvt/gb_ubuntu_USN_427_1.nasl |
2009-02-27 | Name : Fedora Update for httpd FEDORA-2007-617 File : nvt/gb_fedora_2007_617_httpd_fc5.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-01 (apache) File : nvt/glsa_200608_01.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200611-08 (rpm) File : nvt/glsa_200611_08.nasl |
2008-09-04 | Name : FreeBSD Ports: apache File : nvt/freebsd_apache11.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1131-1 (apache) File : nvt/deb_1131_1.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow at... RuleID : 17656 - Type : SERVER-APACHE - Revision : 11 |
2014-01-10 | Apache mod_rewrite buffer overflow attempt RuleID : 11679 - Type : SERVER-APACHE - Revision : 11 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2012-05-17 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_kernel-debug-2393.nasl - Type: ACT_GATHER_INFO |
2008-05-29 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2008-003.nasl - Type: ACT_GATHER_INFO |
2008-05-29 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_5_3.nasl - Type: ACT_GATHER_INFO |
2008-03-26 | Name: The remote version of Apache is vulnerable to an off-by-one buffer overflow a... File: apache_1_3_37.nasl - Type: ACT_GATHER_INFO |
2008-03-26 | Name: The remote version of Apache is vulnerable to an off-by-one buffer overflow a... File: apache_2_0_59.nasl - Type: ACT_GATHER_INFO |
2008-03-26 | Name: The remote version of Apache is vulnerable to an off-by-one buffer overflow a... File: apache_2_2_3.nasl - Type: ACT_GATHER_INFO |
2008-03-19 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2008-002.nasl - Type: ACT_GATHER_INFO |
2007-12-13 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_kernel-bigsmp-2399.nasl - Type: ACT_GATHER_INFO |
2007-12-13 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_apache2-1906.nasl - Type: ACT_GATHER_INFO |
2007-12-04 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_37141.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-427-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-395-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-378-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-328-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-316-1.nasl - Type: ACT_GATHER_INFO |
2007-10-17 | Name: The remote openSUSE host is missing a security update. File: suse_kernel-2397.nasl - Type: ACT_GATHER_INFO |
2007-10-17 | Name: The remote openSUSE host is missing a security update. File: suse_apache2-1905.nasl - Type: ACT_GATHER_INFO |
2007-10-03 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_36773.nasl - Type: ACT_GATHER_INFO |
2007-09-25 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_36385.nasl - Type: ACT_GATHER_INFO |
2007-09-25 | Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHSS_36386.nasl - Type: ACT_GATHER_INFO |
2007-02-18 | Name: The remote host is missing a vendor-supplied security patch File: suse_SA_2006_043.nasl - Type: ACT_GATHER_INFO |
2007-02-18 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2006-200.nasl - Type: ACT_GATHER_INFO |
2007-01-17 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-862.nasl - Type: ACT_GATHER_INFO |
2007-01-17 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-863.nasl - Type: ACT_GATHER_INFO |
2006-12-18 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1237.nasl - Type: ACT_GATHER_INFO |