OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle t... oval:org.mitre.oval:def:10360 Vulnerability unix
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (mem... oval:org.mitre.oval:def:11355 Vulnerability unix
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metac... oval:org.mitre.oval:def:10008 Vulnerability unix
The smserver service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:20 Compliance unix
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux ker... oval:org.mitre.oval:def:9053 Vulnerability unix
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kerne... oval:org.mitre.oval:def:11182 Vulnerability unix
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and mem... oval:org.mitre.oval:def:11258 Vulnerability unix
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash... oval:org.mitre.oval:def:9721 Vulnerability unix
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of s... oval:org.mitre.oval:def:11633 Vulnerability unix
The SNMP service should be enabled or disabled as appropriate. oval:gov.irs.sol10:def:49 Compliance unix
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause ... oval:org.mitre.oval:def:11318 Vulnerability unix
The SOCKS proxy implementation in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE ... oval:org.mitre.oval:def:11115 Vulnerability unix
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain struct... oval:org.mitre.oval:def:11653 Vulnerability unix
The Solaris print server functionality should be enabled or disabled as appropriate. oval:gov.irs.sol10:def:47 Compliance unix
The Solaris rpc.metad(1M) Daemon is Vulnerable to a Denial of Service (DoS) Attack oval:org.mitre.oval:def:5698 Vulnerability unix
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a ... oval:org.mitre.oval:def:10589 Vulnerability unix
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kde... oval:org.mitre.oval:def:10969 Vulnerability unix
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator o... oval:org.mitre.oval:def:10324 Vulnerability unix
The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknow... oval:org.mitre.oval:def:9695 Vulnerability unix
The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) 1.5 through 1... oval:org.mitre.oval:def:10044 Vulnerability unix
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory... oval:org.mitre.oval:def:10071 Vulnerability unix
The squid package should not be installed oval:gov.irs.rhel5:def:306 Compliance unix
The squid package should not be installed oval:org.fedoraproject.f13:def:306 Compliance unix
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service ... oval:org.mitre.oval:def:11801 Vulnerability unix
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly ... oval:org.mitre.oval:def:9580 Vulnerability unix
The SSL/TLS server implementation in OpenSSL 0.9.7 before 0.9.7h and 0.9.8 before 0.9.8a, when using the SSL_OP_MSIE_SSL... oval:org.mitre.oval:def:11454 Vulnerability unix
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial o... oval:org.mitre.oval:def:22420 Vulnerability unix
The sslConnectTimeout function in ssl.c for Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of ... oval:org.mitre.oval:def:10522 Vulnerability unix
The ssm_i emulation in Xen 5.1 on IA64 architectures allows attackers to cause a denial of service (dom0 panic) via cert... oval:org.mitre.oval:def:10226 Vulnerability unix
The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit leng... oval:org.mitre.oval:def:9106 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html