Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Red Hat Linux by Red Hat, Inc.

    JVNDB-2004-000170

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000170.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "LHa for UNIX is vulnerable to directory traversal due to improper path validation when testing or extracting an archive.",
      "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000170.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:lha_for_unix_project:lha_for_unix",
          "@product": "LHa for UNIX",
          "@vendor": "LHa for UNIX project",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "6.4",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2004-000170",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0235",
          "@id": "CVE-2004-0235",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0235",
          "@id": "CVE-2004-0235",
          "@source": "NVD"
        },
        {
          "#text": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:978",
          "@id": "978",
          "@source": "OVAL"
        },
        {
          "#text": "http://www.securityfocus.com/bid/10243",
          "@id": "10243",
          "@source": "BID"
        },
        {
          "#text": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2",
          "@id": "LHA Advisory + Patch",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/16013",
          "@id": "16013",
          "@source": "XF"
        }
      ],
      "title": "Lha Directory Traversal Vulnerability in Testing and Extracting Process"
    }

    JVNDB-2003-000242

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    skk Arbitrary Code Execution Vulnerability
    Details
    skk (Simple Kana to Kanji conversion software) would create an insecure temporary file without taking proper security precautions.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000242.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "skk (Simple Kana to Kanji conversion software) would create an insecure temporary file without taking proper security precautions.",
      "link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000242.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:skk:skk",
          "@product": "SKK",
          "@vendor": "SKK Openlab",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.6",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2003-000242",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0539",
          "@id": "CVE-2003-0539",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2003-0539",
          "@id": "CVE-2003-0539",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/8144",
          "@id": "8144",
          "@source": "BID"
        }
      ],
      "title": "skk Arbitrary Code Execution Vulnerability"
    }

    JVNDB-2002-000291

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Canna irw_through Buffer Overflow Vulnerability
    Details
    Canna contains a buffer overflow vulnerability in the irw_through function.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2002/JVNDB-2002-000291.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Canna contains a buffer overflow vulnerability in the irw_through function.",
      "link": "https://jvndb.jvn.jp/en/contents/2002/JVNDB-2002-000291.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:canna:canna",
          "@product": "Canna",
          "@vendor": "Canna Project.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.2",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2002-000291",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1158",
          "@id": "CVE-2002-1158",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-1158",
          "@id": "CVE-2002-1158",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/6351",
          "@id": "6351",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/10831",
          "@id": "10831",
          "@source": "XF"
        }
      ],
      "title": "Canna irw_through Buffer Overflow Vulnerability"
    }

    JVNDB-2004-000169

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000169.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "LHa for UNIX does not handle the header length information properly when testing or extracting an archive, which could lead to buffer overflow.",
      "link": "https://jvndb.jvn.jp/en/contents/2004/JVNDB-2004-000169.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:lha_for_unix_project:lha_for_unix",
          "@product": "LHa for UNIX",
          "@vendor": "LHa for UNIX project",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux_desktop",
          "@product": "Red Hat Enterprise Linux Desktop",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "10.0",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2004-000169",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0234",
          "@id": "CVE-2004-0234",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2004-0234",
          "@id": "CVE-2004-0234",
          "@source": "NVD"
        },
        {
          "#text": "http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:977",
          "@id": "977",
          "@source": "OVAL"
        },
        {
          "#text": "http://www.securityfocus.com/bid/10243",
          "@id": "10243",
          "@source": "BID"
        },
        {
          "#text": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2",
          "@id": "LHA Advisory + Patch",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/16012",
          "@id": "16012",
          "@source": "XF"
        },
        {
          "#text": "http://securitytracker.com/id?1015866",
          "@id": "1015866",
          "@source": "SECTRACK"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2006/1220",
          "@id": "FrSIRT/ADV-2006-1220",
          "@source": "FRSIRT"
        },
        {
          "#text": "http://osvdb.org/5753",
          "@id": "5753",
          "@source": "OSVDB"
        },
        {
          "#text": "http://osvdb.org/5754",
          "@id": "5754",
          "@source": "OSVDB"
        }
      ],
      "title": "LHa Vuffer Overflow Vulnerability in Testing and Extracting Process"
    }

    JVNDB-2003-000163

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    KON2 Buffer Overflow Vulnerability in Command Argument Validation
    Details
    KON (Kanji ON Linux console), provided by Linux Japan RPM Project, contains a buffer overflow vulnerability due to improper validation of command line arguments.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000163.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "KON (Kanji ON Linux console), provided by Linux Japan RPM Project, contains a buffer overflow vulnerability due to improper validation of command line arguments.",
      "link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000163.html",
      "sec:cpe": [
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.2",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2003-000163",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1155",
          "@id": "CVE-2002-1155",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-1155",
          "@id": "CVE-2002-1155",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/7790",
          "@id": "7790",
          "@source": "BID"
        }
      ],
      "title": "KON2 Buffer Overflow Vulnerability in Command Argument Validation"
    }

    JVNDB-2003-000029

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    w3m Cross-Site Scripting Vulnerability
    Details
    w3m contains a cross-site scripting vulnerability due to insufficient sanitization of HTML tags in the frame.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000029.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "w3m contains a cross-site scripting vulnerability due to insufficient sanitization of HTML tags in the frame.",
      "link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000029.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:w3m_project:w3m",
          "@product": "w3m",
          "@vendor": "w3m project",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2003-000029",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1335",
          "@id": "CVE-2002-1335",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-1335",
          "@id": "CVE-2002-1335",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/6793",
          "@id": "6793",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/10842",
          "@id": "10842",
          "@source": "XF"
        },
        {
          "#text": "http://www.osvdb.org/6981",
          "@id": "6981",
          "@source": "OSVDB"
        }
      ],
      "title": "w3m Cross-Site Scripting Vulnerability"
    }

    JVNDB-2003-000030

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    w3m Vulnerability of Unauthorized Access to Files or Cookies
    Details
    w3m fails to properly escape HTML tags in the ALT attribute of an IMG tag, which could allow an attacker to access files or cookies.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000030.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "w3m fails to properly escape HTML tags in the ALT attribute of an IMG tag, which could allow an attacker to access files or cookies.",
      "link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000030.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:w3m_project:w3m",
          "@product": "w3m",
          "@vendor": "w3m project",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2003-000030",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1348",
          "@id": "CVE-2002-1348",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2002-1348",
          "@id": "CVE-2002-1348",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/6794",
          "@id": "6794",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/11266",
          "@id": "11266",
          "@source": "XF"
        }
      ],
      "title": "w3m Vulnerability of Unauthorized Access to Files or Cookies"
    }

    JVNDB-2003-000149

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000149.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "lv contains a vulnerability of reading and running a .lv file in the current directry.",
      "link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000149.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:lv:lv",
          "@product": "lv",
          "@vendor": "NARITA Tomio ",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:misc:miraclelinux_asianux_server",
          "@product": "Asianux Server",
          "@vendor": "Cybertrust Japan Co., Ltd.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:enterprise_linux",
          "@product": "Red Hat Enterprise Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux",
          "@product": "Red Hat Linux",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:redhat:linux_advanced_workstation",
          "@product": "Red Hat Linux Advanced Workstation",
          "@vendor": "Red Hat, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_server",
          "@product": "Turbolinux Server",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/o:turbolinux:turbolinux_workstation",
          "@product": "Turbolinux Workstation",
          "@vendor": "Turbolinux, Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "7.2",
        "@severity": "High",
        "@type": "Base",
        "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2003-000149",
      "sec:references": [
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0188",
          "@id": "CVE-2003-0188",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2003-0188",
          "@id": "CVE-2003-0188",
          "@source": "NVD"
        },
        {
          "#text": "http://www.securityfocus.com/bid/7613",
          "@id": "7613",
          "@source": "BID"
        }
      ],
      "title": "lv Arbitrary Command Execution Vulnerability"
    }