Gentoo Linux vulnerabilities
52 known vulnerabilities affecting gentoo/linux.
Total CVEs: 52
CISA KEV: 0
Public exploits: 21
Exploited in wild: 2
Severity breakdown: CRITICAL 12, HIGH 23, MEDIUM 11, LOW 6
Vulnerabilities
Page 3 of 3
CVE-2004-0417 | P4 | MEDIUM | CVSS 5.0 | v1.4 | 2004-08-06
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
nvd
CVE-2004-0749 | P4 | MEDIUM | CVSS 5.0 | v0.5, v0.7, +3 more | 2004-12-23
The mod_authz_svn module in Subversion 1.0.7 and earlier does not properly restrict access to all metadata on unreadable paths, which could allow remote attackers to gain sensitive information via (1) svn log -v, (2) svn propget, or (3) svn blame, and other commands that follow renames.
nvd
CVE-2004-0604 | P4 | MEDIUM | CVSS 5.0 | v1.4 | 2004-12-06
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
nvd
CVE-2004-1055 | P4 | MEDIUM | CVSS 6.8 | v1.4 | 2005-03-01
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.
nvd
CVE-2006-1390 | P4 | MEDIUM | CVSS 4.6 | v0.5, v0.7, +3 more | 2006-03-25
The configuration of NetHack 3.4.3-r1 and earlier, Falcon's Eye 1.9.4a and earlier, and Slash'EM 0.0.760 and earlier on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer overflows and overwrite arbitrary files via symlink attacks.
nvd
CVE-2004-0229 | P4 | MEDIUM | CVSS 4.6 | v1.4 | 2004-08-18
The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.
nvd
CVE-2007-0476 | P4 | MEDIUM | CVSS 4.6 | v2.1.30, v2.2.28, +1 more | 2007-01-25
The gencert.sh script, when installing OpenLDAP before 2.1.30-r10, 2.2.x before 2.2.28-r7, and 2.3.x before 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files via a symlink attack.
nvd
CVE-2004-1901 | P4 | MEDIUM | CWE-59 | CVSS 5.5 | v1.4 | 2004-12-31
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles.
nvd
CVE-2004-0881 | P4 | LOW | CVSS 2.1 | v1.4 | 2005-01-27
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
nvd
CVE-2004-0535 | P4 | LOW | CVSS 2.1 | v1.4 | 2004-08-06
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources.
nvd
CVE-2004-0880 | P4 | LOW | CVSS 1.2 | v1.4 | 2005-01-27
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
nvd
CVE-2004-0231 | P4 | LOW | CVSS 2.1 | v0.5, v0.7, +3 more | 2004-08-18
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
nvd