Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
702 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0002 | 4 Engardelinux, Mandrakesoft, Redhat and 1 more | 4 Secure Linux, Mandrake Linux, Linux and 1 more | 2025-04-03 | N/A |
| Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. | ||||
| CVE-2002-0003 | 2 Gnu, Redhat | 2 Groff, Linux | 2025-04-03 | N/A |
| Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. | ||||
| CVE-2002-0004 | 8 Caldera, Debian, Freebsd and 5 more | 9 Openlinux Server, Openlinux Workstation, Debian Linux and 6 more | 2025-04-03 | N/A |
| Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. | ||||
| CVE-2002-0006 | 2 Redhat, Xchat | 2 Linux, Xchat | 2025-04-03 | N/A |
| XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in the client response when the percascii variable is set. | ||||
| CVE-2002-0012 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2025-04-03 | N/A |
| Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-0353 | 2 Ethereal Group, Redhat | 3 Ethereal, Linux, Powertools | 2025-04-03 | N/A |
| The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields. | ||||
| CVE-2002-0354 | 3 Mozilla, Netscape, Redhat | 3 Mozilla, Navigator, Linux | 2025-04-03 | N/A |
| The XMLHttpRequest object (XMLHTTP) in Netscape 6.1 and Mozilla 0.9.7 allows remote attackers to read arbitrary files and list directories on a client system by opening a URL that redirects the browser to the file on the client, then reading the result using the responseText property. | ||||
| CVE-2002-0363 | 2 Aladdin Enterprises, Redhat | 3 Ghostscript, Enterprise Linux, Linux | 2025-04-03 | N/A |
| ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice. | ||||
| CVE-2002-0380 | 2 Lbl, Redhat | 3 Tcpdump, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet. | ||||
| CVE-2002-0384 | 2 Redhat, Rob Flynn | 4 Enterprise Linux, Linux, Powertools and 1 more | 2025-04-03 | N/A |
| Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code. | ||||
| CVE-2002-0013 | 2 Redhat, Snmp | 3 Linux, Powertools, Snmp | 2025-04-03 | N/A |
| Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into multiple candidates, one or more for each vendor. This and other SNMP-related candidates will be updated when more accurate information is available. | ||||
| CVE-2002-0392 | 3 Apache, Debian, Redhat | 7 Http Server, Debian Linux, Enterprise Linux and 4 more | 2025-04-03 | N/A |
| Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size. | ||||
| CVE-2002-0036 | 2 Mit, Redhat | 3 Kerberos 5, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value. | ||||
| CVE-2002-0043 | 2 Redhat, Todd Miller | 3 Linux, Powertools, Sudo | 2025-04-03 | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | ||||
| CVE-2002-0046 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| Linux kernel, and possibly other operating systems, allows remote attackers to read portions of memory via a series of fragmented ICMP packets that generate an ICMP TTL Exceeded response, which includes portions of the memory in the response packet. | ||||
| CVE-2002-0399 | 2 Gnu, Redhat | 3 Tar, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leaves the "..", a variant of CVE-2001-1267. | ||||
| CVE-2002-0401 | 3 Debian, Ethereal, Redhat | 4 Debian Linux, Ethereal, Linux and 1 more | 2025-04-03 | 7.5 High |
| SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer. | ||||
| CVE-2002-0403 | 2 Ethereal Group, Redhat | 4 Ethereal, Enterprise Linux, Linux and 1 more | 2025-04-03 | N/A |
| DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop. | ||||
| CVE-2002-0435 | 2 Gnu, Redhat | 3 Fileutils, Enterprise Linux, Linux | 2025-04-03 | N/A |
| Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. | ||||
| CVE-2002-0060 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2025-04-03 | N/A |
| IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. | ||||