Turbolinux Server vulnerabilities

CVE-2004-1377 [LOW] CVE-2004-1377: The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow lo The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2004-0809 [MEDIUM] CVE-2004-0809: The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

CVE-2003-0694 [CRITICAL] CVE-2003-0694: The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

CVE-2003-0681 [HIGH] CVE-2003-0681: A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rul A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

CVE-2003-0370 [HIGH] CVE-2003-0370: Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.