Slackware Linux 9.1

CPE Details

Slackware Linux 9.1
slackware
slackware_linux
9.1
2007-08-23
19h16 +00:00
2011-11-08
17h21 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:slackware:slackware_linux:9.1:*:*:*:*:*:*:*

Informations

Vendor

slackware

Product

slackware_linux

Version

9.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2007-6199 2007-12-01 00h00 +00:00 rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
9.3
CVE-2007-6200 2007-12-01 00h00 +00:00 Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options.
10
CVE-2007-1352 2007-04-05 23h00 +00:00 Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
3.8
CVE-2005-3624 2006-01-06 21h00 +00:00 The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
5
CVE-2005-3625 2006-01-06 21h00 +00:00 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
10
CVE-2005-3626 2006-01-06 21h00 +00:00 Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
5
CVE-2004-0940 2004-10-26 02h00 +00:00 Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
7.8
High
CVE-2004-0891 2004-10-21 02h00 +00:00 Buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer.
10
CVE-2004-0880 2004-09-24 02h00 +00:00 getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
1.2
CVE-2004-0881 2004-09-24 02h00 +00:00 getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
2.1
CVE-2004-0530 2004-06-08 02h00 +00:00 The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting shared libraries into the appropriate path.
7.2
CVE-2004-0226 2004-05-05 02h00 +00:00 Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10
CVE-2004-0231 2004-05-05 02h00 +00:00 Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
2.1
CVE-2004-0232 2004-05-05 02h00 +00:00 Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
5
CVE-2004-0233 2004-05-05 02h00 +00:00 Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
2.1
CVE-2004-0424 2004-04-30 02h00 +00:00 Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
7.2
CVE-2003-0962 2003-12-10 04h00 +00:00 Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
7.5
CVE-2003-0977 2003-12-10 04h00 +00:00 CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
7.5
CVE-2000-0867 2001-01-22 04h00 +00:00 Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
7.2
CVE-1999-0242 2000-02-04 04h00 +00:00 Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords.
7.5