Redhat ≫ Linux

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files.

Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable.

Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.

Linuxconf on Red Hat Linux 6.0 and earlier does not properly disable PAM-based access to the shutdown command, which could allow local users to cause a denial of service.

Buffer overflows in Red Hat net-tools package.

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing.