Linux: >> Linux Kernel >> 2.0.26 Security Vulnerabilities
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.
CVSS Score
7.2
EPSS Score
0.001
Published
2005-01-21
load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
CVSS Score
7.8
EPSS Score
0.001
Published
2004-12-31
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
CVSS Score
7.5
EPSS Score
0.078
Published
2004-12-23
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
CVSS Score
4.6
EPSS Score
0.001
Published
2004-03-03
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator.
CVSS Score
9.3
EPSS Score
0.013
Published
2003-12-31
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.
CVSS Score
7.5
EPSS Score
0.068
Published
2003-12-31
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
CVSS Score
4.3
EPSS Score
0.003
Published
2003-12-31
Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords.
CVSS Score
5.0
EPSS Score
0.002
Published
2003-12-31
Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos.
CVSS Score
4.8
EPSS Score
0.001
Published
2003-12-31