Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.45%
  • Veröffentlicht 14.09.2005 19:03:00
  • Zuletzt bearbeitet 16.06.2026 22:15:00

The raw_sendmsg function in the Linux kernel 2.6 before 2.6.13.1 allows local users to cause a denial of service (change hardware state) or read from arbitrary memory via crafted input.

  • EPSS 30.58%
  • Veröffentlicht 06.09.2005 23:03:00
  • Zuletzt bearbeitet 16.06.2026 22:15:29

ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass inten...

  • EPSS 2.67%
  • Veröffentlicht 15.08.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:12

Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function...

  • EPSS 6.15%
  • Veröffentlicht 19.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:44

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

  • EPSS 0.53%
  • Veröffentlicht 13.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:11:42

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

Exploit
  • EPSS 10.79%
  • Veröffentlicht 11.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:13:11

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

  • EPSS 0.31%
  • Veröffentlicht 02.05.2005 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:12:27

Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete.

  • EPSS 2.7%
  • Veröffentlicht 01.03.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:49

Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.

  • EPSS 16.16%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:51

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl...

  • EPSS 4.18%
  • Veröffentlicht 10.01.2005 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:56

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters...