Vulmon
gentoo vulnerabilities and exploits
2.1
CVSSv2
CVE-2007-1856
Vixie Cron prior to 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
Paul Vixie Vixie Cron
7.8
CVSSv2
CVE-2007-2026
The gnu regular expression code in file 4.20 allows context-dependent malicious users to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, ...
Amavis Virus Scanner
Gentoo File 4.20
4.3
CVSSv2
CVE-2007-1500
The Linux Security Auditing Tool (LSAT) allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using /tmp/lsat1.lsat.
Gentoo Linux
8.5
CVSSv2
CVE-2006-7094
ftpd, as used by Gentoo and Debian Linux, sets the gid to the effective uid instead of the effective group id before executing /bin/ls, which allows remote authenticated users to list arbitrary directories with the privileges of gid 0 and possibly enable additional attack vectors...
Ftpd Ftpd
5
CVSSv2
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
4.6
CVSSv2
CVE-2007-0476
The gencert.sh script, when installing OpenLDAP prior to 2.1.30-r10, 2.2.x prior to 2.2.28-r7, and 2.3.x prior to 2.3.30-r2 as an ebuild in Gentoo Linux, does not create temporary directories in /tmp securely during emerge, which allows local users to overwrite arbitrary files vi...
Gentoo Linux 2.2.28
Gentoo Linux 2.3.30
Gentoo Linux 2.1.30
7.5
CVSSv2
CVE-2006-3355
Heap-based buffer overflow in httpdget.c in mpg123 prior to 0.59s-rll allows remote malicious users to execute arbitrary code via a long URL, which is not properly terminated before being used with the strncpy function. NOTE: This appears to be the result of an incomplete patch f...
Mpg123 Mpg123 Pre0.59s R11
1 EDB exploit
5
CVSSv2
CVE-2006-3005
The JPEG library in media-libs/jpeg prior to 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent malicious users to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.
Gentoo Media-libs Jpeg 6b
Gentoo Linux
7.5
CVSSv2
CVE-2006-1539
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games prior to 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is exec...
Bsd-games Tetris-bsd Gold
4.6
CVSSv2
CVE-2006-1390
The configuration of NetHack 3.4.3-r1 and previous versions, Falcon's Eye 1.9.4a and previous versions, and Slash'EM 0.0.760 and previous versions on Gentoo Linux allows local users in the games group to modify saved games files to execute arbitrary code via buffer over...
Gentoo Linux 1.4
Gentoo Linux 1.1a
Gentoo Linux 1.2
Gentoo Linux 0.5
Gentoo Linux 0.7