OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
rquotad in nfs-utils (rquota_server.c) before 1.0.6-r6 on 64-bit architectures does not properly perform an integer conv... oval:org.mitre.oval:def:10464 Vulnerability unix
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows ... oval:org.mitre.oval:def:9495 Vulnerability unix
rsync Path Sanitation Vulnerability oval:org.mitre.oval:def:967 Vulnerability unix
Ruby 1.6.x up to 1.6.8, 1.8.x up to 1.8.2, and 1.9.0 development up to 2005-09-01 allows attackers to bypass safe level ... oval:org.mitre.oval:def:10564 Vulnerability unix
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly rest... oval:org.mitre.oval:def:11602 Vulnerability unix
Runtime linker, ld.so.1 LD_PRELOAD Envvar Buffer Overflow oval:org.mitre.oval:def:3601 Vulnerability unix
rwho daemon Code Execution Vulnerability oval:org.mitre.oval:def:592 Vulnerability unix
Safe.PM Unsafe Code Execution Vulnerability oval:org.mitre.oval:def:1160 Vulnerability unix
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via c... oval:org.mitre.oval:def:11141 Vulnerability unix
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in ... oval:org.mitre.oval:def:9191 Vulnerability unix
Samba Arbitrary File Overwrite Vulnerability oval:org.mitre.oval:def:554 Vulnerability unix
Samba call_trans2open() Buffer Overflow oval:org.mitre.oval:def:2163 Vulnerability unix
Samba Encrypted Password DoS oval:org.mitre.oval:def:1467 Vulnerability unix
Samba file permission vulnerability oval:org.mitre.oval:def:7087 Vulnerability unix
Samba mksmboasswd Disabled Account Creation Vulnerability oval:org.mitre.oval:def:827 Vulnerability unix
Samba sharing restriction bypassing vulnerability oval:org.mitre.oval:def:7211 Vulnerability unix
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer ... oval:org.mitre.oval:def:10411 Vulnerability unix
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent attackers to execute arbitrary code vi... oval:org.mitre.oval:def:11062 Vulnerability unix
scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or s... oval:org.mitre.oval:def:9962 Vulnerability unix
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardl... oval:org.mitre.oval:def:10723 Vulnerability unix
Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of e-mail attachments, whi... oval:org.mitre.oval:def:10038 Vulnerability unix
SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before and 2.6.16 before 2.6.16... oval:org.mitre.oval:def:10932 Vulnerability unix
sctp in Linux kernel before allows remote attackers to cause a denial of service (OOPS) via an INIT-ACK that s... oval:org.mitre.oval:def:9822 Vulnerability unix
SCTP in Linux kernel before allows remote attackers to cause a denial of service (crash) and possibly execute ... oval:org.mitre.oval:def:9510 Vulnerability unix
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log ... oval:org.mitre.oval:def:9705 Vulnerability unix
Security restrictions are not consistently enforced when starting applications under HP-UX 11.20. oval:org.mitre.oval:def:5364 Vulnerability unix
Security Vulnerabilities in the KSSL Kernel Module May Lead to a System Panic oval:org.mitre.oval:def:9165 Vulnerability unix
Security Vulnerability in the IP Implementation for Solaris 8 and 9 May Allow a Denial of Service oval:org.mitre.oval:def:9127 Vulnerability unix
Security Vulnerabilities in GNU tar (see gtar(1)) May Lead to Files Being Overwritten, Execution of Arbitrary Code, or a... oval:org.mitre.oval:def:8599 Vulnerability unix
Security Vulnerabilities in the Apache 2 "mod_perl2" Module Components "Status.pm" May Lead to Denial of Service (DoS) o... oval:org.mitre.oval:def:8488 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html