OVAL Definitions - Family: unix

Filter: Compliance Inventory Patch Vulnerability All
Title Definition Id Class Family
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before on the x86_64 platform does not ensu... oval:org.mitre.oval:def:10870 Vulnerability unix
The load_elf_library in the Linux kernel before allows local users to cause a denial of service (kernel crash) ... oval:org.mitre.oval:def:10640 Vulnerability unix
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7... oval:org.mitre.oval:def:10843 Vulnerability unix
The local rpc port mapping service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:32 Compliance unix
The lpspool subsystem has various security oriented defects. oval:org.mitre.oval:def:5730 Vulnerability unix
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating sys... oval:org.mitre.oval:def:10632 Vulnerability unix
The mail component in Mozilla SeaMonkey before 1.1.19 does not properly restrict execution of scriptable plugin content,... oval:org.mitre.oval:def:10271 Vulnerability unix
The make_indexed_dir function in fs/ext4/namei.c in the Linux kernel 2.6.27 before and 2.6.28 before ... oval:org.mitre.oval:def:10342 Vulnerability unix
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attac... oval:org.mitre.oval:def:11360 Vulnerability unix
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remo... oval:org.mitre.oval:def:10986 Vulnerability unix
The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,... oval:org.mitre.oval:def:11139 Vulnerability unix
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and... oval:org.mitre.oval:def:10245 Vulnerability unix
The md driver (drivers/md/md.c) in the Linux kernel before might allow local users to cause a denial of service... oval:org.mitre.oval:def:10396 Vulnerability unix
The mdmonitor service (Solaris 10 <= 11/06) should be enabled or disabled as appropriate oval:gov.irs.sol10:def:27 Compliance unix
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of serv... oval:org.mitre.oval:def:10659 Vulnerability unix
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when reg... oval:org.mitre.oval:def:10896 Vulnerability unix
The MessageDigest.isEqual function in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 5.0 before Update 22,... oval:org.mitre.oval:def:11847 Vulnerability unix
The meta service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:29 Compliance unix
The metaed service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:30 Compliance unix
The metainit service (Solaris 10 <= 11/06) should be enabled or disabled as appropriate oval:gov.irs.sol10:def:26 Compliance unix
The metamh service should be enabled or disabled as appropriate oval:gov.irs.sol10:def:31 Compliance unix
The mincore function in the Linux kernel before does not properly lock access to user space, which has unspecif... oval:org.mitre.oval:def:9648 Vulnerability unix
The mksmbpasswd shell script (mksmbpasswd.sh) in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disab... oval:org.mitre.oval:def:10675 Vulnerability unix
The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end addre... oval:org.mitre.oval:def:10466 Vulnerability unix
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allow... oval:org.mitre.oval:def:11430 Vulnerability unix
The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process cras... oval:org.mitre.oval:def:9588 Vulnerability unix
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associa... oval:org.mitre.oval:def:9248 Vulnerability unix
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and se... oval:org.mitre.oval:def:9363 Vulnerability unix
The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location c... oval:org.mitre.oval:def:10384 Vulnerability unix
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, whic... oval:org.mitre.oval:def:10363 Vulnerability unix

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html