cvebase

Conectiva Linux vulnerabilities

60 known vulnerabilities affecting conectiva/linux.

Total CVEs: 60
CISA KEV: 0
Public exploits: 17
Exploited in wild: 0
Severity breakdown: CRITICAL 15, HIGH 17, MEDIUM 18, LOW 10

Vulnerabilities

Page 3 of 3
CVE-2001-0834 | P4 | MEDIUM | CVSS 6.4 | v5.0, v5.1, +2 more | 2001-12-06
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the targ
nvd
CVE-2003-0468 | P4 | MEDIUM | CVSS 5.0 | v7.0, v8.0 | 2003-08-27
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDoS attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
nvd
CVE-2001-0128 | P4 | HIGH | CVSS 7.2 | v4.2, v5.0, +2 more | 2001-03-12
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
nvd
CVE-2004-0905 | P4 | MEDIUM | CVSS 4.6 | v9.0, v10.0 | 2004-09-14
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
nvd
CVE-2005-1043 | P4 | MEDIUM | CVSS 5.0 | v9.0, v10.0 | 2005-04-14
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
nvd
CVE-2004-0807 | P4 | MEDIUM | CVSS 5.0 | v9.0, v10.0 | 2004-09-13
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop.
nvd
CVE-2004-0930 | P4 | MEDIUM | CVSS 5.0 | v10.0 | 2005-01-27
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
nvd
CVE-2004-0626 | P4 | MEDIUM | CVSS 5.0 | v10 | 2004-12-06
The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
nvd
CVE-2005-3624 | P4 | MEDIUM | CWE-189 | CVSS 5.0 | v10.0 | 2005-12-31
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
nvd
CVE-2005-3626 | P4 | MEDIUM | CWE-399 | CVSS 5.0 | v10.0 | 2005-12-31
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
nvd
CVE-2004-1142 | P4 | MEDIUM | CVSS 5.0 | v9.0, v10.0 | 2004-12-15
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
nvd
CVE-2004-1139 | P4 | MEDIUM | CVSS 5.0 | v9.0, v10.0 | 2004-12-15
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
nvd
CVE-2000-0701 | P4 | MEDIUM | CVSS 4.6 | v4.1, v4.2, +2 more | 2000-10-20
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
nvd
CVE-2001-1375 | P4 | MEDIUM | CVSS 4.6 | v6.0, v7.0 | 2001-07-19
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.
nvd
CVE-2004-0535 | P4 | LOW | CVSS 2.1 | v8.0, v9.0 | 2004-08-06
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
nvd
CVE-2001-0178 | P4 | LOW | CVSS 2.1 | v6.0 | 2001-03-26
kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges.
nvd
CVE-2000-0667 | P4 | LOW | CVSS 3.6 | v4.0, v4.0es, +4 more | 2000-07-27
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
nvd
CVE-2005-0207 | P4 | LOW | CVSS 2.1 | v10.0 | 2005-05-02
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
nvd
CVE-2000-0715 | P4 | LOW | CWE-59 | CVSS 2.1 | v5.0, v5.1 | 2000-10-20
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
nvd
CVE-2000-0633 | P4 | LOW | CVSS 2.1 | v4.0, v4.0es, +4 more | 2000-07-18
Vulnerability in Mandrake Linux usermode package allows local users to reboot or halt the system.
nvd