Page 56 of 363 results (0.012 seconds)

CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0

CVE-2006-5170

https://notcve.org/view.php?id=CVE-2006-5170

pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. pam_ldap en nss_ldap sobre Red Hat Enterprise Linux 4, Fedora Core 3 y anteriores, y posiblemente otras distribuciones no devuelven una condición de error cuando un servidor de directorio LDAP responde con una respuesta de control PasswordPolicyResponse, lo cual provoca que la función pam_authenticate devuelva código correcto aunque haya fallado, según lo divulgado originalmente para el xscreensaver. • http://bugzilla.padl.com/show_bug.cgi?id=291 http://rhn.redhat.com/errata/RHSA-2006-0719.html http://secunia.com/advisories/22682 http://secunia.com/advisories/22685 http://secunia.com/advisories/22694 http://secunia.com/advisories/22696 http://secunia.com/advisories/22869 http://secunia.com/advisories/23132 http://secunia.com/advisories/23428 http://security.gentoo.org/glsa/glsa-200612-19.xml http://securitytracker.com/id?1017153 http://www.debian.org/security/2006 • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.5EPSS: 7%CPEs: 8EXPL: 0

CVE-2006-5158 – NFS lockd deadlock

https://notcve.org/view.php?id=CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. El nlmclnt_mark_reclaim en clntlock.c en NFS lockd en el kernel de Linux en versiones anteriores a 2.6.16 permite a atacantes remotos provocar una denegación de servicio (caída de proceso) y denegación de acceso a exportaciones NFS a través de vectores no especificados que desencadenan un oops en el kernel (referencia nula) y bloqueo mutuo. • http://marc.info/?l=linux-kernel&m=113476665626446&w=2 http://marc.info/?l=linux-kernel&m=113494474208973&w=2 http://rhn.redhat.com/errata/RHSA-2007-0488.html http://secunia.com/advisories/23361 http://secunia.com/advisories/23384 http://secunia.com/advisories/23752 http://secunia.com/advisories/25838 http://secunia.com/advisories/26289 http://support.avaya.com/elmodocs2/security/ASA-2007-287.htm http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2 • CWE-667: Improper Locking •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2006-3813

https://notcve.org/view.php?id=CVE-2006-3813

A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information. Un error de regresión en el paquete Perl para Red Hat Enterprise Linux 4 omite el parche para CVE-2005-0155, lo cual permite a usuarios locales sobrescribir archivos de su elección sin información de depuración. • http://rhn.redhat.com/errata/RHSA-2006-0605.html http://secunia.com/advisories/21646 http://support.avaya.com/elmodocs2/security/ASA-2006-163.htm https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9456 https://access.redhat.com/security/cve/CVE-2006-3813 https://bugzilla.redhat.com/show_bug.cgi?id=1618172 •

CVSS: 5.0EPSS: 0%CPEs: 127EXPL: 1

CVE-2005-3626

https://notcve.org/view.php?id=CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

CVE-2005-3629

https://notcve.org/view.php?id=CVE-2005-3629

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. • ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://secunia.com/advisories/19162 http://secunia.com/advisories/19532 http://securitytracker.com/id?1015732 http://www.redhat.com/support/errata/RHSA-2006-0015.html http://www.redhat.com/support/errata/RHSA-2006-0016.html http://www.securityfocus.com/bid/17038 https://exchange.xforce.ibmcloud.com/vulnerabilities/25374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11198 https: •