Page 25 of 130 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 93EXPL: 0

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un "desbordamiento de búfer". • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 http://lwn.net/Articles/91155 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log http://www.mandriva.com/security/advisories?name=MDKSA-2004:062 http://www.novell.com/linux/security/advisories/2004_20_kern •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0

susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. • http://secunia.com/advisories/7906 http://www.novell.com/linux/security/advisories/2003_005_susehelp.html http://www.securitytracker.com/id?1005954 • CWE-20: Improper Input Validation •

CVSS: 4.9EPSS: 0%CPEs: 77EXPL: 2

The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. • ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A http://online.securityfocus.com/archive/1/276968 http://secunia.com/advisories/18510 http://secunia.com/advisories/18562 http://secunia.com/advisories/18684 http://www.cs.ucsb.edu/~krishna/igmp_dos http://www.redhat.com/support/errata/RHSA-2006-0101.html http://www.redhat.com/support/errata/RHSA-2006-0140.html http://www.redhat.com/support/errata/RHSA-2006-0190.html http://www.redhat.com/support&# •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

runlpr in the LPRng package allows the local lp user to gain root privileges via certain command line arguments. runlpr en el paquete LPRng permite al usuario lp local ganar privilegios de root mediante ciertos argumentos de línea de comandos. • http://www.iss.net/security_center/static/10525.php http://www.novell.com/linux/security/advisories/2002_040_lprng_html2ps.html http://www.securityfocus.com/bid/6077 •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0

Buffer overflows in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the i4l package on SuSE 7.3, 8.0, and possibly other operating systems, may allow local users to gain privileges. Desbordamiento de búfer en el demonio (daemon) ISDN Point to Point Protocol (PPP) del paquete i4l de SuSE 7.3, 8.0, y posiblemente otros sistemas operativos, podrían permitir a usuarios locales, la obtención de privilegios. • https://lists.opensuse.org/opensuse-security-announce/2002-08/msg00006.html •