Ville Skyttä

#9801of 53,633
28.2Total CVSS
Vulnerabilities · 4
Low
1
Medium
1
High
2
PT-2019-6502
3.6
2019-11-09
Advanced Linux Sound Architecture · Alsa-Utils · CVE-2009-0035
**Name of the Vulnerable Software and Affected Versions** alsa-utils versions 1.0.19 and later **Description** The issue allows local users to overwrite arbitrary files via a symlink attack. This is possible through the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts. **Recommendations** For alsa-utils versions 1.0.19 and later, consider restricting access to the /usr/bin/alsa-info and /usr/bin/alsa-info.sh scripts to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-4396
7.8
2007-06-07
Cacti · Cacti · CVE-2007-3112
Name of the Vulnerable Software and Affected Versions: Cacti version 0.8.6i Description: The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by providing a large value for the `graph start` or `graph end` parameter in the graph image.php file. Recommendations: For Cacti version 0.8.6i, consider restricting access to the graph image.php file or limiting the values that can be passed to the `graph start` and `graph end` parameters to prevent excessive CPU consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2007-4397
6.8
2007-06-07
Cacti · Cacti · CVE-2007-3113
Name of the Vulnerable Software and Affected Versions: Cacti version 0.8.6i Description: The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by providing a large value for the `graph height` or `graph width` parameter. Recommendations: For version 0.8.6i, restrict the input values for the `graph height` and `graph width` parameters to prevent excessive CPU consumption. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2006-1003
10
2006-11-08
Proftpd · Proftpd · CVE-2006-5815
Name of the Vulnerable Software and Affected Versions: ProFTPD version 1.3.0 and earlier Description: The issue is related to a stack-based buffer overflow in the sreplace function, which can be exploited by remote attackers to cause a denial of service and potentially execute arbitrary code. This can lead to a breach of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be done remotely. Recommendations: For ProFTPD version 1.3.0 and earlier, update to a version later than 1.3.0 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.