Ubuntu

Ubuntu Linux

65 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.7

CVE-2005-0988

  • EPSS 0.12%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip af...

5

CVE-2005-0080

  • EPSS 0.39%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a gi...

2.1

CVE-2005-0077

  • EPSS 0.07%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file.

7.5

CVE-2005-0206

  • EPSS 6.53%
  • Published 27.04.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5

CVE-2005-0754

  • EPSS 2.28%
  • Published 22.04.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Kommander in KDE 3.2 through KDE 3.4.0 executes data files without confirmation from the user, which allows remote attackers to execute arbitrary code.

6.2

CVE-2004-1235

Exploit
  • EPSS 0.08%
  • Published 14.04.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

7.2

CVE-2005-0750

  • EPSS 0.17%
  • Published 27.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

5

CVE-2005-0384

  • EPSS 12.77%
  • Published 15.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.

5.6

CVE-2005-0109

  • EPSS 0.14%
  • Published 05.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain ...

5

CVE-2004-0983

  • EPSS 1.12%
  • Published 01.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.