Secure Linux

secure_linux

Vendor: Trustix • 65 CVEs

CVEs (65)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-0497 7Conectiva GentooLinux+4 more 9Enterprise Linux LinuxLinux+6 more Apr 16, 2026 Dec 6, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
CVE-2004-0415 3Linux RedhatTrustix 3Fedora Core Linux KernelSecure Linux Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 2.1 LOW· v2 Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.
CVE-2004-0809 8Apache DebianGentoo+5 more 12Debian Linux Enterprise LinuxEnterprise Linux Desktop+9 more Apr 16, 2026 Sep 16, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.
CVE-2004-0801 4Conectiva Linuxprinting.orgSun+1 more 4Foomatic Filters Java Desktop SystemLinux+1 more Apr 16, 2026 Sep 16, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.
CVE-2004-0432 3Gentoo Proftpd ProjectTrustix 3Linux ProftpdSecure Linux Apr 16, 2026 Aug 18, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
CVE-2004-0421 4Libpng OpenpkgRedhat+1 more 6Enterprise Linux Enterprise Linux DesktopLibpng+3 more Apr 16, 2026 Aug 18, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creatin...Show more The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.Show less
CVE-2004-0493 5Apache AvayaGentoo+2 more 8Converged Communications Server Http ServerHttp Server+5 more Apr 16, 2026 Aug 6, 2004 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 6...Show more The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters.Show less
CVE-2004-0686 2Samba Trustix 2Samba Secure Linux Apr 16, 2026 Jul 27, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
CVE-2004-0600 2Samba Trustix 2Samba Secure Linux Apr 16, 2026 Jul 27, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
CVE-2004-0595 4Avaya PhpRedhat+1 more 8Converged Communications Server Fedora CoreIntegrated Management+5 more Apr 16, 2026 Jul 27, 2004 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web bro...Show more The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities.Show less
CVE-2004-0594 6Avaya DebianHp+3 more 6Converged Communications Server Debian LinuxHp Ux+3 more Apr 16, 2026 Jul 27, 2004 N/A· v4 N/A· v3 5.1 MEDIUM· v2 The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_l...Show more The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete.Show less
CVE-2004-2044 4Francisco Burzi OscommercePaul Laudanski+1 more 4Betanc Php Nuke Osc2nukePhp Nuke+1 more Apr 16, 2026 Jun 1, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to ide...Show more PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.Show less
CVE-2004-0077 4Linux NetwosixRedhat+1 more 7Bigmem Kernel KernelKernel Doc+4 more Apr 16, 2026 Mar 3, 2004 N/A· v4 N/A· v3 7.2 HIGH· v2 The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors i...Show more The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.Show less
CVE-2002-1319 2Linux Trustix 2Linux Kernel Secure Linux Apr 16, 2026 Dec 11, 2002 N/A· v4 N/A· v3 2.1 LOW· v2 The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
CVE-2002-0083 9Conectiva EngardelinuxImmunix+6 more 11Immunix LinuxLinux+8 more Apr 16, 2026 Mar 15, 2002 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2001-1030 6Caldera ImmunixMandrakesoft+3 more 8Immunix LinuxMandrake Linux+5 more Apr 16, 2026 Jul 18, 2001 N/A· v4 N/A· v3 7.5 HIGH· v2 Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduc...Show more Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.Show less
CVE-2001-0169 4Mandrakesoft RedhatTrustix+1 more 5Linux Mandrake LinuxMandrake Linux Corporate Server+2 more Apr 16, 2026 Mar 26, 2001 N/A· v4 N/A· v3 2.1 LOW· v2 When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary...Show more When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.Show less
CVE-2001-0142 5Immunix MandrakesoftNational Science Foundation+2 more 5Immunix LinuxMandrake Linux+2 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 1.2 LOW· v2 squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVE-2001-0117 4Immunix MandrakesoftRedhat+1 more 5Immunix LinuxMandrake Linux+2 more Apr 16, 2026 Mar 12, 2001 N/A· v4 N/A· v3 1.2 LOW· v2 sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVE-2000-0917 3Caldera RedhatTrustix 6Linux OpenlinuxOpenlinux Ebuilder+3 more Apr 16, 2026 Dec 19, 2000 N/A· v4 N/A· v3 10.0 HIGH· v2 Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.

Previous 1 234 Next