Trustix: >> Secure Linux Security Vulnerabilities
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
CVSS Score
10.0
EPSS Score
0.596
Published
2004-07-27
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
CVSS Score
5.0
EPSS Score
0.085
Published
2004-07-27
PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string.
CVSS Score
7.5
EPSS Score
0.011
Published
2004-06-01
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-03-03
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs.
CVSS Score
2.1
EPSS Score
0.001
Published
2002-12-11
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVSS Score
9.8
EPSS Score
0.041
Published
2002-03-15
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning.
CVSS Score
7.5
EPSS Score
0.002
Published
2001-07-18
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
CVSS Score
2.1
EPSS Score
0.001
Published
2001-03-26
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
CVSS Score
1.2
EPSS Score
0.001
Published
2001-03-12
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
CVSS Score
1.2
EPSS Score
0.001
Published
2001-03-12