CVE Daily
← All tags

Tag: Slackware Linux

All CVEs associated with "Slackware Linux". Page 1/1 • 18 CVEs.

About “Slackware Linux”

A curated feed of “Slackware Linux”-related CVEs appears below. We currently track 18 CVEs for this tag (all time). In the last 365 days, 0 were published. Average CVSS is 6.3 (all time), and 67% are rated High/Critical (all time). Top CWEs (all time): CWE-20 - Improper Input Validation.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: slackware

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
15.0--
14.2- Expired
14.1- Expired
14.0- Expired
13.37- Expired
13.1- Expired
13.0- Expired
12.2- Expired
12.1- Expired
12.0- Expired
11.0- Expired
10.2- Expired
10.1- Expired
10.0- Expired
9.1- Expired
9.0- Expired
8.1- Expired
8.0- Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “Slackware Linux”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2019-11-21
High

CVE-2013-7172

Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to…

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
Critical

CVE-2013-7171

Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root…

CVSS: 9.8 CWE: CWE-20 - Improper Input Validation View on NVD
2007-06-29
Medium

CVE-2007-3499

SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as evidence of a valid signature, which allows remote Slackware mirror sites or man-in-the-middle attackers to cause a denial of service (…

CVSS: 6.4 CWE: N/A View on NVD
2007-02-07
Low

CVE-2007-0822

umount, when running with the Linux 2.6.15 kernel on Slackware Linux 10.2, allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen…

CVSS: 1.9 CWE: N/A View on NVD
Low

CVE-2007-0823

xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read o…

CVSS: 1.9 CWE: N/A View on NVD
2004-08-06
High

CVE-2004-0530

The PHP package in Slackware 8.1, 9.0, and 9.1, when linked against a static library, includes /tmp in the search path, which allows local users to execute arbitrary code as the PHP user by inserting…

CVSS: 7.2 CWE: N/A View on NVD
2003-05-22
High

CVE-2003-0335

rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec.

CVSS: 7.5 CWE: N/A View on NVD
2001-08-31
High

CVE-2001-1036

GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which…

CVSS: 7.2 CWE: N/A View on NVD
1999-12-01
Medium

CVE-1999-0856

login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.

CVSS: 5.0 CWE: N/A View on NVD
1999-03-17
High

CVE-1999-0421

During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password.

CVSS: 7.2 CWE: N/A View on NVD
1999-01-02
High

CVE-1999-1422

The default configuration of Slackware 3.4, and possibly other versions, includes . (dot, the current directory) in the PATH environmental variable, which could allow local users to create Trojan hor…

CVSS: 7.2 CWE: N/A View on NVD
1998-07-13
High

CVE-1999-1434

login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to…

CVSS: 7.2 CWE: N/A View on NVD
1998-04-06
Low

CVE-1999-1498

Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file.

CVSS: 3.6 CWE: N/A View on NVD
1998-02-02
Medium

CVE-1999-1445

Vulnerability in imapd and ipop3d in Slackware 3.4 and 3.3 with shadowing enabled, and possibly other operating systems, allows remote attackers to cause a core dump via a short sequence of USER and…

CVSS: 5.0 CWE: N/A View on NVD
1997-12-01
High

CVE-1999-0340

Buffer overflow in Linux Slackware crond program allows local users to gain root access.

CVSS: 7.2 CWE: N/A View on NVD
1997-03-04
High

CVE-1999-1489

Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument.

CVSS: 7.2 CWE: N/A View on NVD
1997-02-05
High

CVE-1999-0298

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.

CVSS: 7.5 CWE: N/A View on NVD
1996-01-02
High

CVE-1999-1186

rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious pr…

CVSS: 7.2 CWE: N/A View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox