Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
700 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-0070 | 3 Gnome, Nalin Dahyabhai, Redhat | 3 Gnome-terminal, Vte, Linux | 2025-04-03 | N/A |
| VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0071 | 2 Redhat, Xfree86 Project | 3 Enterprise Linux, Linux, X11r6 | 2025-04-03 | N/A |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
| CVE-2003-0072 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). | ||||
| CVE-2003-0073 | 2 Oracle, Redhat | 3 Mysql, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. | ||||
| CVE-2003-0077 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. | ||||
| CVE-2003-0078 | 4 Freebsd, Openbsd, Openssl and 1 more | 6 Freebsd, Openbsd, Openssl and 3 more | 2025-04-03 | N/A |
| ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." | ||||
| CVE-2003-0079 | 2 Hanterm, Redhat | 3 Hanterm-xf, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. | ||||
| CVE-2003-0081 | 2 Ethereal Group, Redhat | 3 Ethereal, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. | ||||
| CVE-2003-0082 | 2 Mit, Redhat | 4 Kerberos, Kerberos 5, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun"). | ||||
| CVE-2003-0083 | 2 Apache, Redhat | 4 Http Server, Linux, Rhel Stronghold and 1 more | 2025-04-03 | N/A |
| Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. | ||||
| CVE-2003-0084 | 2 Mod Auth Any, Redhat | 3 Mod Auth Any, Enterprise Linux, Linux | 2025-04-03 | N/A |
| mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. | ||||
| CVE-2003-0085 | 3 Hp, Redhat, Samba | 4 Cifs-9000 Server, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. | ||||
| CVE-2003-0086 | 2 Redhat, Samba | 3 Enterprise Linux, Linux, Samba | 2025-04-03 | N/A |
| The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. | ||||
| CVE-2003-0093 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. | ||||
| CVE-2003-0102 | 3 File, Netbsd, Redhat | 4 File, Netbsd, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). | ||||
| CVE-2003-0107 | 2 Redhat, Zlib | 3 Enterprise Linux, Linux, Zlib | 2025-04-03 | N/A |
| Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. | ||||
| CVE-2003-0108 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. | ||||
| CVE-2003-0124 | 2 Andries Brouwer, Redhat | 3 Man, Enterprise Linux, Linux | 2025-04-03 | N/A |
| man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. | ||||
| CVE-2003-0127 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Linux | 2025-04-03 | N/A |
| The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. | ||||
| CVE-2003-0128 | 2 Redhat, Ximian | 2 Linux, Evolution | 2025-04-03 | N/A |
| The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. | ||||