redhat enterprise linux 5 vulnerabilities and exploits

(subscribe to this query)

pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an...

Redhat Enterprise Linux 5 Redhat Enterprise Linux Desktop 5

Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number...

Redhat Enterprise Linux 3.0 Redhat Enterprise Linux Desktop Workstation 5 Redhat Linux Advanced Workstation 2.1 Redhat Desktop 3 Redhat Enterprise Linux 4.0 Redhat Enterprise Linux 2.1 Redhat Enterprise Linux Desktop 4 Redhat Enterprise Linux Desktop 5 Redhat Enterprise Linux 5.01 EDB exploit available1 Github repository available

Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows local users to gain privileges...

Redhat Enterprise Linux 5 Redhat Enterprise Linux 4

functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different...

Redhat Enterprise Linux 4 Redhat Enterprise Linux 5 Squirrelmail Squirrelmail -

xinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service....

Xinetd Xinetd -Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 5

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on (a)...

Redhat Enterprise Linux 5 Redhat Enterprise Linux 6.0 Redhat Jboss Enterprise Web Server 1.0.2 Redhat Jboss Enterprise Web Server 2.0.0

The System Security Services Daemon (SSSD) 1.11.6 does not properly identify group membership when a non-POSIX group is in a group membership chain, which allows local users to bypass access restrictions via unspecified vectors....

Redhat Enterprise Linux 5 Fedoraproject Sssd 1.11.6 Redhat Enterprise Linux 6.0

Stack-based buffer overflow in the reds_handle_ticket function in server/reds.c in SPICE 0.12.0 allows remote attackers to cause a denial of service (crash) via a long password in a SPICE ticket....

Spice Project Spice 0.12.0 Redhat Enterprise Virtualization 3.0 Redhat Enterprise Linux 5 Redhat Enterprise Linux 6.0

Unspecified vulnerability in autofs, as used in Red Hat Enterprise Linux (RHEL) 5, allows local users to cause a denial of service (autofs crash and delayed mounts) or prevent "mount expiration" via unspecified vectors related to "using an LDAP-based automount...

Redhat Enterprise Linux 5

Luci in Red Hat Conga stores the user's username and password in a Base64 encoded string in the __ac session cookie, which allows attackers to gain privileges by accessing this cookie. NOTE: this issue has been SPLIT due to different vulnerability types. Use CVE-2013-7347...

Redhat Enterprise Linux 5 Redhat Conga

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook