Redhat Enterprise Linux Workstation vulnerabilities

CVE-2005-2970 [MEDIUM] CWE-770 CVE-2005-2970: Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attac Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused for other connections.

CVE-2005-1268 [MEDIUM] CWE-193 CVE-2005-1268: Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, w Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

CVE-2004-0642 [HIGH] CWE-415 CVE-2004-0642: Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distributio Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.

CVE-2004-0643 [MEDIUM] CWE-415 CVE-2004-0643: Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier m Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.

CVE-2004-0488 [HIGH] CWE-787 CVE-2004-0488: Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ss Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN.