Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2004-1154

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-22 Dec, 2004 | 05:00
Updated At-08 Aug, 2024 | 00:39
Rejected At-
Credits

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:22 Dec, 2004 | 05:00
Updated At:08 Aug, 2024 | 00:39
Rejected At:
â–¼CVE Numbering Authority (CNA)

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.samba.org/samba/security/CAN-2004-1154.html
x_refsource_CONFIRM
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
vendor-advisory
x_refsource_SUNALERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/11973
vdb-entry
x_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
vdb-entry
x_refsource_XF
http://www.redhat.com/support/errata/RHSA-2005-020.html
vendor-advisory
x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/13453/
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2005/dsa-701
vendor-advisory
x_refsource_DEBIAN
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
vendor-advisory
x_refsource_APPLE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
vendor-advisory
x_refsource_SUNALERT
http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
third-party-advisory
x_refsource_IDEFENSE
http://www.novell.com/linux/security/advisories/2004_45_samba.html
vendor-advisory
x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
vdb-entry
signature
x_refsource_OVAL
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
vendor-advisory
x_refsource_SCO
http://www.kb.cert.org/vuls/id/226184
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.samba.org/samba/security/CAN-2004-1154.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/11973
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-020.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/13453/
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2005/dsa-701
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
Resource:
third-party-advisory
x_refsource_IDEFENSE
Hyperlink: http://www.novell.com/linux/security/advisories/2004_45_samba.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
Resource:
vendor-advisory
x_refsource_SCO
Hyperlink: http://www.kb.cert.org/vuls/id/226184
Resource:
third-party-advisory
x_refsource_CERT-VN
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.samba.org/samba/security/CAN-2004-1154.html
x_refsource_CONFIRM
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/11973
vdb-entry
x_refsource_BID
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
vdb-entry
x_refsource_XF
x_transferred
http://www.redhat.com/support/errata/RHSA-2005-020.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/13453/
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2005/dsa-701
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
third-party-advisory
x_refsource_IDEFENSE
x_transferred
http://www.novell.com/linux/security/advisories/2004_45_samba.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
vdb-entry
signature
x_refsource_OVAL
x_transferred
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
vendor-advisory
x_refsource_SCO
x_transferred
http://www.kb.cert.org/vuls/id/226184
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.samba.org/samba/security/CAN-2004-1154.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/11973
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-020.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/13453/
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2005/dsa-701
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
Resource:
third-party-advisory
x_refsource_IDEFENSE
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2004_45_samba.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
Resource:
vendor-advisory
x_refsource_SCO
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/226184
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:10 Jan, 2005 | 05:00
Updated At:16 Apr, 2026 | 00:27

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Samba
samba
>>samba>>2.0.0
cpe:2.3:a:samba:samba:2.0.0:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.1
cpe:2.3:a:samba:samba:2.0.1:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.2
cpe:2.3:a:samba:samba:2.0.2:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.3
cpe:2.3:a:samba:samba:2.0.3:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.4
cpe:2.3:a:samba:samba:2.0.4:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.5
cpe:2.3:a:samba:samba:2.0.5:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.6
cpe:2.3:a:samba:samba:2.0.6:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.7
cpe:2.3:a:samba:samba:2.0.7:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.8
cpe:2.3:a:samba:samba:2.0.8:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.9
cpe:2.3:a:samba:samba:2.0.9:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.0.10
cpe:2.3:a:samba:samba:2.0.10:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.0
cpe:2.3:a:samba:samba:2.2.0:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.0a
cpe:2.3:a:samba:samba:2.2.0a:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.1a
cpe:2.3:a:samba:samba:2.2.1a:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.2
cpe:2.3:a:samba:samba:2.2.2:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.3
cpe:2.3:a:samba:samba:2.2.3:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.3a
cpe:2.3:a:samba:samba:2.2.3a:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.4
cpe:2.3:a:samba:samba:2.2.4:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.5
cpe:2.3:a:samba:samba:2.2.5:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.6
cpe:2.3:a:samba:samba:2.2.6:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.7
cpe:2.3:a:samba:samba:2.2.7:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.7a
cpe:2.3:a:samba:samba:2.2.7a:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.8
cpe:2.3:a:samba:samba:2.2.8:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.8a
cpe:2.3:a:samba:samba:2.2.8a:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.9
cpe:2.3:a:samba:samba:2.2.9:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.11
cpe:2.3:a:samba:samba:2.2.11:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2.12
cpe:2.3:a:samba:samba:2.2.12:*:*:*:*:*:*:*
Samba
samba
>>samba>>2.2a
cpe:2.3:a:samba:samba:2.2a:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.0
cpe:2.3:a:samba:samba:3.0.0:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.1
cpe:2.3:a:samba:samba:3.0.1:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.2
cpe:2.3:a:samba:samba:3.0.2:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.2a
cpe:2.3:a:samba:samba:3.0.2a:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.3
cpe:2.3:a:samba:samba:3.0.3:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.4
cpe:2.3:a:samba:samba:3.0.4:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.4
cpe:2.3:a:samba:samba:3.0.4:rc1:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.5
cpe:2.3:a:samba:samba:3.0.5:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.6
cpe:2.3:a:samba:samba:3.0.6:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.7
cpe:2.3:a:samba:samba:3.0.7:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.8
cpe:2.3:a:samba:samba:3.0.8:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.9
cpe:2.3:a:samba:samba:3.0.9:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>fedora_core>>core_2.0
cpe:2.3:o:redhat:fedora_core:core_2.0:*:*:*:*:*:*:*
Red Hat, Inc.
redhat
>>fedora_core>>core_3.0
cpe:2.3:o:redhat:fedora_core:core_3.0:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>1.0
cpe:2.3:o:suse:suse_linux:1.0:*:desktop:*:*:*:*:*
SUSE
suse
>>suse_linux>>8.1
cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>8.2
cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:enterprise_server:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.0
cpe:2.3:o:suse:suse_linux:9.0:*:x86_64:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.1
cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*
SUSE
suse
>>suse_linux>>9.2
cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txtcve@mitre.org
N/A
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.htmlcve@mitre.org
N/A
http://secunia.com/advisories/13453/cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1cve@mitre.org
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1cve@mitre.org
N/A
http://www.debian.org/security/2005/dsa-701cve@mitre.org
N/A
http://www.idefense.com/application/poi/display?id=165&type=vulnerabilitiescve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/226184cve@mitre.org
Third Party Advisory
US Government Resource
http://www.novell.com/linux/security/advisories/2004_45_samba.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2005-020.htmlcve@mitre.org
N/A
http://www.samba.org/samba/security/CAN-2004-1154.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/11973cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/18519cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642cve@mitre.org
N/A
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txtaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/13453/af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2005/dsa-701af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.idefense.com/application/poi/display?id=165&type=vulnerabilitiesaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/226184af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
http://www.novell.com/linux/security/advisories/2004_45_samba.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2005-020.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.samba.org/samba/security/CAN-2004-1154.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/11973af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/18519af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/13453/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-701
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/226184
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.novell.com/linux/security/advisories/2004_45_samba.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-020.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.samba.org/samba/security/CAN-2004-1154.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11973
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
Source: cve@mitre.org
Resource: N/A
Hyperlink: ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/13453/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2005/dsa-701
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/226184
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.novell.com/linux/security/advisories/2004_45_samba.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2005-020.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.samba.org/samba/security/CAN-2004-1154.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/11973
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/18519
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10236
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1459
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A642
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

268Records found
CVE-2009-3953
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-83.57% / 99.65%
||
7 Day CHG~0.00%
Published-13 Jan, 2010 | 19:00
Updated-21 Apr, 2026 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-22||Apply updates per vendor instructions.

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

Action-Not Available
Vendor-n/aopenSUSEMicrosoft CorporationSUSEApple Inc.Adobe Inc.
Product-acrobatmac_os_xlinux_enterpriselinux_enterprise_debuginfowindowsopensusen/aAcrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2002-1318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-51.91% / 98.81%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.

Action-Not Available
Vendor-n/aHP Inc.Silicon Graphics, Inc.Samba
Product-cifs-9000_serveririxsamban/a
CVE-2003-0248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.72% / 88.38%
||
7 Day CHG~0.00%
Published-05 Jun, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2002-0083
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-14.80% / 96.25%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Action-Not Available
Vendor-immunixconectivaopenpkgtrustixengardelinuxn/aOpenBSDMandriva (Mandrakesoft)Red Hat, Inc.SUSE
Product-openpkglinuxmandrake_linuxmandrake_single_network_firewallsuse_linuxsecure_linuxopensshimmunixmandrake_linux_corporate_servern/a
CWE ID-CWE-193
Off-by-one Error
CVE-2001-1162
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.03% / 95.59%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Action-Not Available
Vendor-n/aHP Inc.Samba
Product-cifs-9000_serversamban/a
CVE-2000-1221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-16.73% / 96.63%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Silicon Graphics, Inc.
Product-debian_linuxirixlinuxn/a
CVE-2001-0233
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.55% / 96.20%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.

Action-Not Available
Vendor-matthew_smithn/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxmicqlinuxn/a
CVE-2000-1220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.22% / 96.12%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.Red Hat, Inc.
Product-irixlinuxn/a
CVE-2001-0197
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-13.12% / 95.86%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-icecastn/aRed Hat, Inc.
Product-icecastlinuxn/a
CVE-2000-0800
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.21% / 86.54%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2000-1044
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.45% / 82.27%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2000-0844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.35% / 96.36%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Action-Not Available
Vendor-immunixconectivatrustixturbolinuxn/aDebian GNU/LinuxMandriva (Mandrakesoft)SlackwareIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)Red Hat, Inc.SUSE
Product-debian_linuxsunosopenlinux_ebuilderlinuxirixopenlinuxsolarismandrake_linuxsuse_linuxturbolinuxopenlinux_eserversecure_linuxaixslackware_linuximmunixn/a
CVE-2000-1040
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.52% / 82.77%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2000-0666
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-26.32% / 97.74%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges.

Action-Not Available
Vendor-conectivatrustixn/aDebian GNU/LinuxRed Hat, Inc.SUSE
Product-debian_linuxsecure_linuxsuse_linuxlinuxn/a
CVE-2000-0614
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.74% / 88.45%
||
7 Day CHG~0.00%
Published-19 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded compressed attachments which specify absolute path names for the decompressed output.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CVE-2000-0248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-73.66% / 99.40%
||
7 Day CHG~0.00%
Published-26 Apr, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-0491
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-17.78% / 96.78%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.

Action-Not Available
Vendor-n/aThe MITRE Corporation (Caldera)The GNOME ProjectSUSE
Product-suse_linuxopenlinuxgdmn/a
CVE-2000-0391
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.35%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2000-0233
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.63% / 90.51%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linux_imap_servern/a
CVE-2000-0093
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.35% / 67.83%
||
7 Day CHG~0.00%
Published-08 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2000-0390
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.06% / 89.35%
||
7 Day CHG~0.00%
Published-12 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-cygnusn/aRed Hat, Inc.MIT (Massachusetts Institute of Technology)
Product-linuxkerbnetcygnus_network_securitykerberoskerberos_5n/a
CVE-2000-1010
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.56% / 90.38%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.

Action-Not Available
Vendor-n/aOpenBSDRed Hat, Inc.
Product-linuxopenbsdn/a
CVE-2000-0917
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-78.66% / 99.53%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.

Action-Not Available
Vendor-trustixn/aThe MITRE Corporation (Caldera)Red Hat, Inc.
Product-openlinux_ebuilderlinuxopenlinuxopenlinux_eserversecure_linuxopenlinux_edesktopn/a
CVE-1999-1299
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.84% / 76.22%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rcp on various Linux systems including Red Hat 4.0 allows a "nobody" user or other user with UID of 65535 to overwrite arbitrary files, since 65535 is interpreted as -1 by chown and other system calls, which causes the calls to fail to modify the ownership of the file.

Action-Not Available
Vendor-n/aSlackwareRed Hat, Inc.
Product-linuxslackware_linuxn/a
CVE-2000-0017
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.94% / 94.57%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-1542
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.38% / 87.23%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-0798
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.64% / 73.33%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type.

Action-Not Available
Vendor-scobsdin/aOpenBSDFreeBSD FoundationRed Hat, Inc.
Product-openserverlinuxbsd_osinternet_faststartfreebsdunixwareopenbsdn/a
CVE-1999-0894
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.87% / 76.64%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat Linux screen program does not use Unix98 ptys, allowing local users to write to other terminals.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-0814
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.25% / 80.66%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-0810
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.13% / 79.58%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Samba NETBIOS name service daemon (nmbd).

Action-Not Available
Vendor-n/aSamba
Product-samban/a
CVE-1999-0426
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-10.56% / 95.20%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.

Action-Not Available
Vendor-n/aSUSE
Product-suse_linuxn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-1999-0368
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-39.23% / 98.41%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto.

Action-Not Available
Vendor-scowashington_universityproftpd_projectn/aDebian GNU/LinuxSlackwareRed Hat, Inc.The MITRE Corporation (Caldera)
Product-debian_linuxopenserverlinuxopenlinuxwu-ftpdunixwareslackware_linuxproftpdn/a
CVE-1999-0002
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-27.86% / 97.84%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems.

Action-Not Available
Vendor-bsdin/aThe MITRE Corporation (Caldera)Red Hat, Inc.
Product-bsd_oslinuxopenlinuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-1999-0192
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.85% / 94.95%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable.

Action-Not Available
Vendor-n/aSlackwareRed Hat, Inc.
Product-linuxslackware_linuxn/a
CVE-1999-0182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.51% / 94.82%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password.

Action-Not Available
Vendor-n/aSamba
Product-samban/a
CVE-1999-0042
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.83% / 95.78%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in University of Washington's implementation of IMAP and POP servers.

Action-Not Available
Vendor-bsdiuniversity_of_washingtonn/aRed Hat, Inc.The MITRE Corporation (Caldera)IBM Corporation
Product-linuxopenlinuxbsd_osaixpopimapn/a
CVE-1999-0009
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-29.01% / 97.91%
||
7 Day CHG+10.72%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Action-Not Available
Vendor-scodata_generalbsdin/aInternet Systems Consortium, Inc.IBM CorporationSilicon Graphics, Inc.NetBSDNEC CorporationSun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)Red Hat, Inc.
Product-sunosirixopenlinuxlinuxsolarisbsd_osdg_uxaixunixwareasl_ux_4800bindnetbsdopen_desktopn/a
CVE-1999-0043
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-44.84% / 98.61%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others.

Action-Not Available
Vendor-bsdin/absdiNetscape (Yahoo Inc.)Internet Systems Consortium, Inc.NEC CorporationRed Hat, Inc.The MITRE Corporation (Caldera)
Product-linuxopenlinuxgoah_intrasvbsd_osnews_serverinngoah_networksvn/absd_oslinuxopenlinuxgoah_intrasvgoah_networksvnews_serverinn
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-1999-0011
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-5.47% / 91.73%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

Action-Not Available
Vendor-scodata_generaln/aInternet Systems Consortium, Inc.IBM CorporationNetBSDNEC CorporationSun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-openserversunoslinuxunixdg_uxaixunixwareasl_ux_4800bindnetbsdopen_desktopn/a
CWE ID-CWE-1067
Excessive Execution of Sequential Searches of Data Resource
CVE-2000-0322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-41.63% / 98.50%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2008-0003
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-7.81% / 93.90%
||
7 Day CHG~0.00%
Published-08 Jan, 2008 | 20:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360.

Action-Not Available
Vendor-openpegasusn/aRed Hat, Inc.
Product-enterprise_linuxenterprise_linux_desktopmanagement_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-1999-0832
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.46% / 87.51%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.
Product-debian_linuxlinuxn/a
CVE-2007-4074
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.43% / 91.68%
||
7 Day CHG~0.00%
Published-30 Jul, 2007 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allows local and remote attackers to execute arbitrary commands via the local daemon on port 1314, a different vulnerability than CVE-2001-0956. NOTE: this issue is local in some environments, but remote on others.

Action-Not Available
Vendor-centre_for_speech_technology_researchn/aSUSE
Product-gentoo_linuxsuse_linuxn/a
CVE-2019-7609
Matching Score-8
Assigner-Elastic
ShareView Details
Matching Score-8
Assigner-Elastic
CVSS Score-9.8||CRITICAL
EPSS-95.34% / 99.86%
||
7 Day CHG~0.00%
Published-25 Mar, 2019 | 00:00
Updated-07 Nov, 2025 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-10||Apply updates per vendor instructions.

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands with permissions of the Kibana process on the host system.

Action-Not Available
Vendor-Elasticsearch BVRed Hat, Inc.
Product-openshift_container_platformkibanaKibanaKibana
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2007-1007
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-7.03% / 93.36%
||
7 Day CHG~0.00%
Published-20 Feb, 2007 | 17:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in GnomeMeeting 1.0.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the name, which is not properly handled in a call to the gnomemeeting_log_insert function.

Action-Not Available
Vendor-ekigan/aRed Hat, Inc.
Product-enterprise_linux_desktopekigaenterprise_linuxn/a
CVE-2007-0910
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.27% / 86.82%
||
7 Day CHG~0.00%
Published-13 Feb, 2007 | 23:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.

Action-Not Available
Vendor-trustixn/aThe PHP Group
Product-phpsecure_linuxn/a
CVE-2019-3689
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-5.1||MEDIUM
EPSS-1.50% / 70.95%
||
7 Day CHG~0.00%
Published-19 Sep, 2019 | 13:27
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nfs-utils: root-owned files stored in insecure /var/lib/nfs directory

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.

Action-Not Available
Vendor-linux-nfsSUSE
Product-linux_enterprise_servernfs-utilsSUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2016-2315
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-17.98% / 96.81%
||
7 Day CHG+0.93%
Published-08 Apr, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-git-scmn/aopenSUSESUSE
Product-suse_linux_enterprise_serverlinux_enterprise_debuginfoleaplinux_enterprise_servergitopenstack_cloudlinux_enterprise_software_development_kitopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-5616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.42% / 87.36%
||
7 Day CHG+0.03%
Published-31 Oct, 2006 | 01:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-openpbsn/aSUSE
Product-suse_linuxopenpbsn/a
CVE-2006-6235
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.67% / 91.99%
||
7 Day CHG~0.00%
Published-07 Dec, 2006 | 11:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.

Action-Not Available
Vendor-gpg4winrpathn/aSlackwareUbuntuGNURed Hat, Inc.
Product-privacy_guardubuntu_linuxenterprise_linux_desktoplinux_advanced_workstationlinuxgpg4winslackware_linuxfedora_coreenterprise_linuxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found