Vulnerability Name: CVE-2005-4268 (CCN-23855) Assigned: 2005-11-07 Published: 2005-11-07 Updated: 2018-10-03 Summary: Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P 2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P 5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Athentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
Vulnerability Type: CWE-119 Vulnerability Consequences: Gain Access References: Source: FREEBSDFreeBSD-SA-06:03 CVE-2005-4268 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 MDKSA-2005:237 SUSE-SR:2006:010 VMware ESX third party updates for Service Console Low: cpio security and bug fix update Moderate: tar security update Moderate: tar security update Moderate: cpio security update Moderate: cpio security update Moderate: cpio security update Important: krb5 security update Moderate: perl security update Moderate: perl security update Critical: samba and samba3x security update Critical: java-1.6.0-sun security update Critical: java-1.5.0-ibm security update Critical: java-1.5.0-ibm security update Moderate: java-1.4.2-ibm security update Critical: java-1.6.0-ibm security and bug fix update Moderate: java-1.4.2-ibm security update Low: Red Hat Network Satellite server IBM Java Runtime security update Cpio Large File Size Handling Denial of Service Vulnerability 18251 18278 18280 18395 20117 25098 25161 GNU Cpio "rmt" Buffer Overflow Vulnerability Kerberos GSS-API NULL Pointer Dereference Vulnerability PostgreSQL Two Vulnerabilities Samba SMB1 Packet Chaining Memory Corruption Vulnerability VMware ESX Server Multiple Vulnerabilities VMware ESX Server Multiple Vulnerabilities VMware ESX / ESXi Server Update for Multiple Packages Oracle Solaris Perl Safe Module Security Bypass Oracle JRockit Multiple Vulnerabilities Avaya Communication Manager krb5 GSS-API NULL Pointer Dereference Vulnerability F5 Enterprise Manager Multiple Vulnerabilities PostgreSQL Flaws in Safe.pm and PL/Perl Let Remote Authenticated Users Gain Elevated Privileges Perl Safe Module (Safe::reval and Safe::rdo) Can Be Bypassed Samba SMB1 Packet Chaining Memory Corruption Error Lets Remote Users Execute Arbitrary Code cpio security and bug fix update (RHSA-2007-0245) Release Note: Enterprise Manager version 2.3.0 krb5 -- null pointer dereference samba -- memory corruption perl -- restriction bypass Cpio Oracle Critical Patch Update Advisory - July 2011 22194 cpio on 64-bit Large File Size Handling Overflow GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow MIT Kerberos 5 GSS-API AP-REQ Authenticator NULL Dereference Remote DoS PostgreSQL Safe Module PL / perl Procedure Restriction Weakness Arbitrary Perl Code Execution (2010-1447) Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption RHSA-2007:0245 RHSA-2010:0145 16057 CPIO File Size Stack Buffer Overflow Vulnerability MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability Perl Safe Module 'reval()' and 'rdo()' CVE-2010-1447 Restriction-Bypass Vulnerabilities Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability cpio vulnerability CVE-2005-4268 cpio large filesize buffer overflow https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172669 cpio-file-size-bo(23855) cpio-file-size-bo(23855) https://issues.rpath.com/browse/RPL-1338 oval:org.mitre.oval:def:10450 oval:org.mitre.oval:def:6860 USN-234-1 Samba security update IBM Java 6 security update IBM Java security update SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration 1 :cpe:/a:gnu:cpio:2.6-8:*:fedora_core_4_64bit:*:*:*:*:* Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Vulnerability Name: CVE-2005-4268 (CCN-56803) Assigned: 2005-11-07 Published: 2005-11-07 Updated: 2010-03-09 Summary: Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P 2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P 5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Athentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
Vulnerability Consequences: Gain Access References: Source: MITRECVE-2005-4268 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 VMware ESX third party updates for Service Console Low: cpio security and bug fix update Moderate: tar security update Moderate: tar security update Moderate: cpio security update Moderate: cpio security update Moderate: cpio security update Important: krb5 security update Moderate: perl security update Moderate: perl security update Critical: samba and samba3x security update Critical: java-1.6.0-sun security update Critical: java-1.5.0-ibm security update Critical: java-1.5.0-ibm security update Moderate: java-1.4.2-ibm security update Critical: java-1.6.0-ibm security and bug fix update Moderate: java-1.4.2-ibm security update Low: Red Hat Network Satellite server IBM Java Runtime security update Cpio Large File Size Handling Denial of Service Vulnerability GNU Tar "rmt" Buffer Overflow Vulnerability GNU Cpio "rmt" Buffer Overflow Vulnerability Kerberos GSS-API NULL Pointer Dereference Vulnerability PostgreSQL Two Vulnerabilities Samba SMB1 Packet Chaining Memory Corruption Vulnerability Sun Solaris GNU Tar and GNU Cpio Buffer Overflow Vulnerability VMware ESX Server Multiple Vulnerabilities VMware ESX Server Multiple Vulnerabilities VMware ESX / ESXi Server Update for Multiple Packages Oracle Solaris Perl Safe Module Security Bypass Oracle JRockit Multiple Vulnerabilities Avaya Communication Manager krb5 GSS-API NULL Pointer Dereference Vulnerability F5 Enterprise Manager Multiple Vulnerabilities PostgreSQL Flaws in Safe.pm and PL/Perl Let Remote Authenticated Users Gain Elevated Privileges Perl Safe Module (Safe::reval and Safe::rdo) Can Be Bypassed Samba SMB1 Packet Chaining Memory Corruption Error Lets Remote Users Execute Arbitrary Code Release Note: Enterprise Manager version 2.3.0 krb5 -- null pointer dereference samba -- memory corruption perl -- restriction bypass Introduction to Cpio Tar - GNU Project - Free Software Foundation (FSF) IBM Flex System Manager (FSM) is affected by tar vulnerabilities (CVE-2010-0624 CVE-2016-6321) Oracle Critical Patch Update Advisory - July 2011 cpio on 64-bit Large File Size Handling Overflow GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow MIT Kerberos 5 GSS-API AP-REQ Authenticator NULL Dereference Remote DoS PostgreSQL Safe Module PL / perl Procedure Restriction Weakness Arbitrary Perl Code Execution (2010-1447) Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption CPIO File Size Stack Buffer Overflow Vulnerability GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability Perl Safe Module 'reval()' and 'rdo()' CVE-2010-1447 Restriction-Bypass Vulnerabilities Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability tar-cpio-rmtread-bo(56803) Samba security update IBM Java 6 security update IBM Java security update SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration CCN 1 :cpe:/a:gnu:tar:1.22:*:*:*:*:*:*:* OR cpe:/a:gnu:cpio:2.10:*:*:*:*:*:*:* AND cpe:/o:sun:solaris:9.0:*:*:*:*:sparc:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/a:quest:intrust_knowledge_pack_for_sun_solaris:10.2.5.1024:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:* OR cpe:/o:vmware:esx:3.0.0:*:*:*:*:*:*:* OR cpe:/o:suse:novell_linux_pos:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:* OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:* OR cpe:/h:f5:enterprise_manager:2.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/h:ibm:flex_system_manager_node:*:*:*:*:*:*:*:* Vulnerability Name: CVE-2005-4268 (CCN-58737) Assigned: 2005-11-07 Published: 2005-11-07 Updated: 2010-05-17 Summary: Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. CVSS v3 Severity: 5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): RequiredScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P 2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P 4.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Athentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
Vulnerability Consequences: Gain Access References: Source: MITRECVE-2005-4268 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 VMware ESX third party updates for Service Console CVE-2010-1974 reject request (dupe of CVE-2010-1168) and CVE-2010-1447 description modification request Low: cpio security and bug fix update Moderate: tar security update Moderate: tar security update Moderate: cpio security update Moderate: cpio security update Moderate: cpio security update Important: krb5 security update Moderate: perl security update Moderate: perl security update Critical: samba and samba3x security update Critical: java-1.6.0-sun security update Critical: java-1.5.0-ibm security update Critical: java-1.5.0-ibm security update Moderate: java-1.4.2-ibm security update Critical: java-1.6.0-ibm security and bug fix update Moderate: java-1.4.2-ibm security update Low: Red Hat Network Satellite server IBM Java Runtime security update Cpio Large File Size Handling Denial of Service Vulnerability GNU Cpio "rmt" Buffer Overflow Vulnerability Kerberos GSS-API NULL Pointer Dereference Vulnerability PostgreSQL Two Vulnerabilities Samba SMB1 Packet Chaining Memory Corruption Vulnerability VMware ESX Server Multiple Vulnerabilities VMware ESX Server Multiple Vulnerabilities VMware ESX / ESXi Server Update for Multiple Packages Oracle Solaris Perl Safe Module Security Bypass Oracle JRockit Multiple Vulnerabilities VMware Products Oracle (Sun) JRE Multiple Vulnerabilities Avaya Communication Manager krb5 GSS-API NULL Pointer Dereference Vulnerability F5 Enterprise Manager Multiple Vulnerabilities PostgreSQL Flaws in Safe.pm and PL/Perl Let Remote Authenticated Users Gain Elevated Privileges Perl Safe Module (Safe::reval and Safe::rdo) Can Be Bypassed Samba SMB1 Packet Chaining Memory Corruption Error Lets Remote Users Execute Arbitrary Code Release Note: Enterprise Manager version 2.3.0 krb5 -- null pointer dereference samba -- memory corruption perl -- restriction bypass Oracle Critical Patch Update Advisory - July 2011 cpio on 64-bit Large File Size Handling Overflow GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow MIT Kerberos 5 GSS-API AP-REQ Authenticator NULL Dereference Remote DoS PostgreSQL Safe Module PL / perl Procedure Restriction Weakness Arbitrary Perl Code Execution (2010-1447) Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption PostgreSQL Security Information CPIO File Size Stack Buffer Overflow Vulnerability MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities Perl Safe Module 'reval()' and 'rdo()' CVE-2010-1447 Restriction-Bypass Vulnerabilities Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability CVE-2010-1447 perl: Safe restriction bypass when reference to subroutine in compartment is called from outside postgresql-plperl-code-execution(58737) Samba security update IBM Java 6 security update IBM Java security update SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration CCN 1 :cpe:/a:larry_wall:perl:5.8.0:*:*:*:*:*:*:* OR cpe:/a:larry_wall:perl:5.8.3:*:*:*:*:*:*:* OR cpe:/a:larry_wall:perl:5.9.2:*:*:*:*:*:*:* OR cpe:/a:larry_wall:perl:5.8.6:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:8.0:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:8.1:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:8.2:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:7.4:*:*:*:*:*:*:* OR cpe:/a:larry_wall:perl:5.8.1:*:*:*:*:*:*:* OR cpe:/a:larry_wall:perl:5.8.8:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:8.3:*:*:*:*:*:*:* OR cpe:/a:postgresql:postgresql:8.4:*:*:*:*:*:*:* AND cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:* OR cpe:/o:vmware:esx:3.0.0:*:*:*:*:*:*:* OR cpe:/o:suse:novell_linux_pos:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:* OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:* OR cpe:/h:f5:enterprise_manager:2.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:* Vulnerability Name: CVE-2005-4268 (CCN-58747) Assigned: 2005-11-07 Published: 2005-11-07 Updated: 2010-05-18 Summary: Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. CVSS v3 Severity: 3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): LowUser Interaction (UI): RequiredScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Low
CVSS v2 Severity: 3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P 2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P 3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Athentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2005-4268 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 VMware ESX third party updates for Service Console Low: cpio security and bug fix update Moderate: tar security update Moderate: tar security update Moderate: cpio security update Moderate: cpio security update Moderate: cpio security update Important: krb5 security update Moderate: perl security update Moderate: perl security update Critical: samba and samba3x security update Critical: java-1.6.0-sun security update Critical: java-1.5.0-ibm security update Critical: java-1.5.0-ibm security update Moderate: java-1.4.2-ibm security update Critical: java-1.6.0-ibm security and bug fix update Moderate: java-1.4.2-ibm security update Low: Red Hat Network Satellite server IBM Java Runtime security update Cpio Large File Size Handling Denial of Service Vulnerability GNU Cpio "rmt" Buffer Overflow Vulnerability Kerberos GSS-API NULL Pointer Dereference Vulnerability PostgreSQL Two Vulnerabilities Heimdal GSS-API and kdc NULL Pointer Dereferences Denial of Service Samba SMB1 Packet Chaining Memory Corruption Vulnerability Avaya Products krb5 GSS-API NULL Pointer Dereference Vulnerability VMware ESX Server Multiple Vulnerabilities VMware ESX Server Multiple Vulnerabilities VMware ESX / ESXi Server Update for Multiple Packages Oracle Solaris Perl Safe Module Security Bypass Oracle JRockit Multiple Vulnerabilities Avaya Communication Manager krb5 GSS-API NULL Pointer Dereference Vulnerability F5 Enterprise Manager Multiple Vulnerabilities PostgreSQL Flaws in Safe.pm and PL/Perl Let Remote Authenticated Users Gain Elevated Privileges Perl Safe Module (Safe::reval and Safe::rdo) Can Be Bypassed Samba SMB1 Packet Chaining Memory Corruption Error Lets Remote Users Execute Arbitrary Code Release Note: Enterprise Manager version 2.3.0 GSS-API library null pointer dereference krb5 -- null pointer dereference samba -- memory corruption perl -- restriction bypass 2010-05-27 - Tries to follow NULL pointers in KDC and GSS-API Kerberos acceptor (server) Oracle Critical Patch Update Advisory - July 2011 Oracle Critical Patch Update Advisory - October 2010 Oracle Java SE and Java for Business Critical Patch Update Advisory - October 2010 cpio on 64-bit Large File Size Handling Overflow GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow MIT Kerberos 5 GSS-API AP-REQ Authenticator NULL Dereference Remote DoS PostgreSQL Safe Module PL / perl Procedure Restriction Weakness Arbitrary Perl Code Execution (2010-1447) Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption CPIO File Size Stack Buffer Overflow Vulnerability MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability Perl Safe Module 'reval()' and 'rdo()' CVE-2010-1447 Restriction-Bypass Vulnerabilities Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability Kerberos vulnerabilities kerberos-apreq-dos(58747) Avaya Products krb5 GSS-API NULL Pointer Dereference Vulnerability Samba security update IBM Java 6 security update IBM Java security update SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration CCN 1 :cpe:/a:oracle:database_server:*:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3:-:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.5:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.2:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos:5-1.6.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:-:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2:-:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.4:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.5:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.6:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.7:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2.8:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.2:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.4:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.5:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.6:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.4:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.4.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.4.2:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.4.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.4.4:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.5.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.5.2:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.5.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.6:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.6.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.6.2:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3:alpha1:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.0:-:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.0.6:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.1.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2:beta1:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.2:beta2:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.3.3:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.7:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.7.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.8:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos_5:1.8.1:*:*:*:*:*:*:* OR cpe:/a:mit:kerberos:5-1.8:alpha:*:*:*:*:*:* AND cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:* OR cpe:/o:vmware:esx:3.0.0:*:*:*:*:*:*:* OR cpe:/o:suse:novell_linux_pos:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/a:avaya:communication_manager:5.0:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:* OR cpe:/a:avaya:communication_manager:5.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:* OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:* OR cpe:/h:f5:enterprise_manager:2.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:* Vulnerability Name: CVE-2005-4268 (CCN-59481) Assigned: 2005-11-07 Published: 2005-11-07 Updated: 2010-06-16 Summary: Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a cpio archive, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a file whose size is represented by more than 8 digits. CVSS v3 Severity: 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): LowIntegrity (I): LowAvailibility (A): Low
CVSS v2 Severity: 3.7 Low (CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P 2.7 Low (Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P 5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Athentication (Au): Impact Metrics: Confidentiality (C): Integrity (I): Availibility (A):
Vulnerability Consequences: Gain Access References: Source: MITRECVE-2005-4268 CVE-2010-0624 CVE-2010-1168 CVE-2010-1321 CVE-2010-1447 CVE-2010-2063 VMware ESX third party updates for Service Console Low: cpio security and bug fix update Moderate: tar security update Moderate: tar security update Moderate: cpio security update Moderate: cpio security update Moderate: cpio security update Important: krb5 security update Moderate: perl security update Moderate: perl security update Critical: samba and samba3x security update Critical: java-1.6.0-sun security update Critical: java-1.5.0-ibm security update Critical: java-1.5.0-ibm security update Moderate: java-1.4.2-ibm security update Critical: java-1.6.0-ibm security and bug fix update Moderate: java-1.4.2-ibm security update Low: Red Hat Network Satellite server IBM Java Runtime security update Cpio Large File Size Handling Denial of Service Vulnerability GNU Cpio "rmt" Buffer Overflow Vulnerability Kerberos GSS-API NULL Pointer Dereference Vulnerability PostgreSQL Two Vulnerabilities Samba SMB1 Packet Chaining Memory Corruption Vulnerability VMware ESX Server Multiple Vulnerabilities VMware ESX Server Multiple Vulnerabilities Sun Solaris Samba SMB1 Packet Chaining Memory Corruption Vulnerability Sun Solaris GSS-API NULL Pointer Dereference Vulnerability VMware ESX / ESXi Server Update for Multiple Packages Oracle Solaris Perl Safe Module Security Bypass Oracle JRockit Multiple Vulnerabilities Avaya Communication Manager krb5 GSS-API NULL Pointer Dereference Vulnerability Xerox WorkCentre Samba SMB1 Packet Chaining Vulnerability F5 Enterprise Manager Multiple Vulnerabilities PostgreSQL Flaws in Safe.pm and PL/Perl Let Remote Authenticated Users Gain Elevated Privileges Perl Safe Module (Safe::reval and Safe::rdo) Can Be Bypassed Samba SMB1 Packet Chaining Memory Corruption Error Lets Remote Users Execute Arbitrary Code About Security Update 2010-005 Release Note: Enterprise Manager version 2.3.0 krb5 -- null pointer dereference samba -- memory corruption perl -- restriction bypass Oracle Critical Patch Update Advisory - July 2011 cpio on 64-bit Large File Size Handling Overflow GNU tar rmt Client lib/rtapelib.c rmt_read__ Function Remote Overflow MIT Kerberos 5 GSS-API AP-REQ Authenticator NULL Dereference Remote DoS PostgreSQL Safe Module PL / perl Procedure Restriction Weakness Arbitrary Perl Code Execution (2010-1447) Samba smbd process.c chain_reply Function SMB1 Packet Chaining Memory Corruption Samba 3.0.x to 3.3.12 are affected by a memory corruption vulnerability. CPIO File Size Stack Buffer Overflow Vulnerability MIT Kerberos GSS-API Checksum NULL Pointer Dereference Denial Of Service Vulnerability Perl Safe Module 'reval()' and 'rdo()' CVE-2010-1447 Restriction-Bypass Vulnerabilities Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability Software Update to Address Buffer Overflow samba-smb1-code-execution(59481) Samba 3.3.12 Memory Corruption Vulnerability Samba security update IBM Java 6 security update IBM Java security update SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report SUSE Security Summary Report Vulnerable Configuration: Configuration RedHat 1 :cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:* Configuration RedHat 2 :cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* Configuration RedHat 3 :cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* Configuration RedHat 4 :cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* Configuration RedHat 5 :cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* Configuration CCN 1 :cpe:/a:samba:samba:3.0.0:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.1:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.2:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.6:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.4:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.7:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.10:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.26a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.27a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.2a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.3:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.0:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.5:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.11:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.12:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.14:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.14a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.15:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.16:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.17:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.18:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.19:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.20:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.20a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.20b:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.21:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.22:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.23:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.23a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.23b:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.23c:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.23d:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.24:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.21a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.21b:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.21c:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.13:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.26:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25b:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25c:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.8:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.9:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:pre1:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:pre2:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:rc1:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:rc2:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.25:rc3:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.27:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.4:rc1:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.28a:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.29:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.0:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.2:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.3:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.4:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.31:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.32:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.33:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.5:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.6:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.30:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.1:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.12:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.5:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.34:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.28:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.0:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.10:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.9:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.8:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.7:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.6:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.4:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.3:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.2:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.1:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.15:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.14:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.13:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.11:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.10:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.9:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.8:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2.7:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.37:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.36:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.0.35:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.11:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3.12:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.1.0:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.2:*:*:*:*:*:*:* OR cpe:/a:samba:samba:3.3:*:*:*:*:*:*:* AND cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/a:redhat:rhel_extras:4:*:*:*:*:*:*:* OR cpe:/o:novell:suse_linux_enterprise_server:10:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:* OR cpe:/o:vmware:esx:3.0.0:*:*:*:*:*:*:* OR cpe:/o:suse:novell_linux_pos:9:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:* OR cpe:/a:novell:open_enterprise_server:*:*:*:*:*:*:*:* OR cpe:/o:opensuse:opensuse:11.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:* OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:* OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:* OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:* OR cpe:/a:vmware:esx_server:4.0:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x_server:10.6.4:*:*:*:*:*:*:* OR cpe:/o:apple:mac_os_x:10.6.4:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:* OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:x86_64:*:*:* OR cpe:/o:mandriva:linux:2010:*:*:*:*:*:*:* OR cpe:/h:xerox:workcentre_5755:-:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:* OR cpe:/h:f5:enterprise_manager:2.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:* Oval Definitions BACK
gnu cpio 2.6-8
gnu tar 1.22
gnu cpio 2.10
sun solaris 9.0
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 4
redhat enterprise linux 4
quest intrust knowledge pack for sun solaris 10.2.5.1024
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake multi network firewall 2.0
redhat rhel extras 4
novell suse linux enterprise server 10
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
vmware esx server 3.0.0
suse novell linux pos 9
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
novell open enterprise server *
novell opensuse 11.0
mandriva linux 2009.0
mandriva linux 2009.0 -
debian debian linux 5.0
mandriva linux 2009.1
mandriva linux 2009.1
vmware esx server 4.0
mandriva enterprise server 5
mandriva enterprise server 5
mandriva linux 2010
mandriva linux 2010
redhat enterprise linux 6
f5 enterprise manager 2.0
redhat enterprise linux server supplementary 6.0
redhat enterprise linux workstation supplementary 6.0
redhat enterprise linux desktop supplementary 6.0
redhat enterprise linux hpc node supplementary 6.0
ibm flex system manager node *
larry_wall perl 5.8.0
larry_wall perl 5.8.3
larry_wall perl 5.9.2
larry_wall perl 5.8.6
postgresql postgresql 8.0
postgresql postgresql 8.1
postgresql postgresql 8.2
postgresql postgresql 7.4
larry_wall perl 5.8.1
larry_wall perl 5.8.8
postgresql postgresql 8.3
postgresql postgresql 8.4
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake multi network firewall 2.0
redhat rhel extras 4
novell suse linux enterprise server 10
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
vmware esx server 3.0.0
suse novell linux pos 9
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
novell open enterprise server *
novell opensuse 11.0
mandriva linux 2009.0
mandriva linux 2009.0 -
debian debian linux 5.0
mandriva linux 2009.1
mandriva linux 2009.1
vmware esx server 4.0
mandriva enterprise server 5
mandriva enterprise server 5
mandriva linux 2010
mandriva linux 2010
redhat enterprise linux 6
f5 enterprise manager 2.0
redhat enterprise linux server supplementary 6.0
redhat enterprise linux workstation supplementary 6.0
redhat enterprise linux desktop supplementary 6.0
redhat enterprise linux hpc node supplementary 6.0
oracle database server *
mit kerberos 5-1.1
mit kerberos 5-1.3
mit kerberos 5-1.5
mit kerberos 5-1.2.2
mit kerberos 5-1.6.3
mit kerberos 5
mit kerberos 5-1.2
mit kerberos 5-1.2.1
mit kerberos 5-1.2.3
mit kerberos 5-1.2.4
mit kerberos 5-1.2.5
mit kerberos 5-1.2.6
mit kerberos 5-1.2.7
mit kerberos 5-1.2.8
mit kerberos 5-1.3.1
mit kerberos 5-1.3.2
mit kerberos 5-1.3.3
mit kerberos 5-1.3.4
mit kerberos 5-1.3.5
mit kerberos 5-1.3.6
mit kerberos 5-1.4
mit kerberos 5-1.4.1
mit kerberos 5-1.4.2
mit kerberos 5-1.4.3
mit kerberos 5-1.4.4
mit kerberos 5-1.5.1
mit kerberos 5-1.5.2
mit kerberos 5-1.5.3
mit kerberos 5-1.6
mit kerberos 5-1.6.1
mit kerberos 5-1.6.2
mit kerberos 5-1.3 alpha1
mit kerberos 5_1.0
mit kerberos 5_1.0.6
mit kerberos 5_1.1
mit kerberos 5_1.1.1
mit kerberos 5_1.2 beta1
mit kerberos 5_1.2 beta2
mit kerberos 5_1.3.3
mit kerberos 5-1.7
mit kerberos 5-1.7.1
mit kerberos 5-1.8
mit kerberos 5-1.8.1
mit kerberos 5-1.8 alpha
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake multi network firewall 2.0
redhat rhel extras 4
canonical ubuntu 6.06
novell suse linux enterprise server 10
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
vmware esx server 3.0.0
suse novell linux pos 9
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
avaya communication manager 5.0
novell open enterprise server *
canonical ubuntu 8.04
novell opensuse 11.0
avaya communication manager 5.1
mandriva linux 2009.0
mandriva linux 2009.0 -
debian debian linux 5.0
mandriva linux 2009.1
mandriva linux 2009.1
vmware esx server 4.0
mandriva enterprise server 5
mandriva enterprise server 5
mandriva linux 2010
mandriva linux 2010
redhat enterprise linux 6
f5 enterprise manager 2.0
redhat enterprise linux server supplementary 6.0
redhat enterprise linux workstation supplementary 6.0
redhat enterprise linux desktop supplementary 6.0
redhat enterprise linux hpc node supplementary 6.0
samba samba 3.0.0
samba samba 3.0.1
samba samba 3.0.2
samba samba 3.0.6
samba samba 3.0.4
samba samba 3.0.7
samba samba 3.0.10
samba samba 3.0.26a
samba samba 3.0.27a
samba samba 3.0.2a
samba samba 3.0.3
samba samba 3.0.0
samba samba 3.0.5
samba samba 3.0.11
samba samba 3.0.12
samba samba 3.0.14
samba samba 3.0.14a
samba samba 3.0.15
samba samba 3.0.16
samba samba 3.0.17
samba samba 3.0.18
samba samba 3.0.19
samba samba 3.0.20
samba samba 3.0.20a
samba samba 3.0.20b
samba samba 3.0.21
samba samba 3.0.22
samba samba 3.0.23
samba samba 3.0.23a
samba samba 3.0.23b
samba samba 3.0.23c
samba samba 3.0.23d
samba samba 3.0.24
samba samba 3.0.21a
samba samba 3.0.21b
samba samba 3.0.21c
samba samba 3.0.13
samba samba 3.0.26
samba samba 3.0.25
samba samba 3.0.25a
samba samba 3.0.25b
samba samba 3.0.25c
samba samba 3.0.8
samba samba 3.0.9
samba samba 3.0.25 pre1
samba samba 3.0.25 pre2
samba samba 3.0.25 rc1
samba samba 3.0.25 rc2
samba samba 3.0.25 rc3
samba samba 3.0.27
samba samba 3.0.4 rc1
samba samba 3.0.28a
samba samba 3.0.29
samba samba 3.2.0
samba samba 3.2.2
samba samba 3.2.3
samba samba 3.2.4
samba samba 3.0.31
samba samba 3.0.32
samba samba 3.0.33
samba samba 3.2.5
samba samba 3.2.6
samba samba 3.0.30
samba samba 3.2.1
samba samba 3.2.12
samba samba 3.3.5
samba samba 3.0.34
samba samba 3.0.28
samba samba 3.3.0
samba samba 3.3.10
samba samba 3.3.9
samba samba 3.3.8
samba samba 3.3.7
samba samba 3.3.6
samba samba 3.3.4
samba samba 3.3.3
samba samba 3.3.2
samba samba 3.3.1
samba samba 3.2.15
samba samba 3.2.14
samba samba 3.2.13
samba samba 3.2.11
samba samba 3.2.10
samba samba 3.2.9
samba samba 3.2.8
samba samba 3.2.7
samba samba 3.0.37
samba samba 3.0.36
samba samba 3.0.35
samba samba 3.3.11
samba samba 3.3.12
samba samba 3.1.0
samba samba 3.2
samba samba 3.3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
redhat enterprise linux 4
mandrakesoft mandrake multi network firewall 2.0
redhat rhel extras 4
novell suse linux enterprise server 10
mandrakesoft mandrake linux corporate server 4.0
mandrakesoft mandrake linux corporate server 4.0
vmware esx server 3.0.0
suse novell linux pos 9
redhat enterprise linux 5
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
redhat enterprise linux 5
mandrakesoft mandrake linux 2008.0
novell open enterprise server *
novell opensuse 11.0
mandriva linux 2009.0
mandriva linux 2009.0 -
debian debian linux 5.0
mandriva linux 2009.1
mandriva linux 2009.1
apple mac os x 10.5.8
apple mac os x server 10.5.8
vmware esx server 4.0
apple mac os x server 10.6.4
apple mac os x 10.6.4
mandriva enterprise server 5
mandriva enterprise server 5
mandriva linux 2010
mandriva linux 2010
xerox workcentre 5755 -
redhat enterprise linux 6
f5 enterprise manager 2.0
redhat enterprise linux server supplementary 6.0
redhat enterprise linux workstation supplementary 6.0
redhat enterprise linux desktop supplementary 6.0
redhat enterprise linux hpc node supplementary 6.0
Denotes that component is vulnerable