CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1337
https://notcve.org/view.php?id=CVE-2004-1337
23 Dec 2004 — The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 •
CVSS: 10.0EPSS: 2%CPEs: 11EXPL: 3CVE-2004-1170 – GNU a2ps 4.13 - File Name Command Execution
https://notcve.org/view.php?id=CVE-2004-1170
10 Dec 2004 — a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename. • https://www.exploit-db.com/exploits/24406 •
CVSS: 5.5EPSS: 0%CPEs: 30EXPL: 0CVE-2004-0968
https://notcve.org/view.php?id=CVE-2004-0968
20 Oct 2004 — The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2004-0969
https://notcve.org/view.php?id=CVE-2004-0969
20 Oct 2004 — The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2004-0966
https://notcve.org/view.php?id=CVE-2004-0966
20 Oct 2004 — The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and other operating systems, allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136323 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0970
https://notcve.org/view.php?id=CVE-2004-0970
20 Oct 2004 — The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files via a symlink attack on temporary files. NOTE: the znew vulnerability may overlap CVE-2003-0367. • http://secunia.com/advisories/13131 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1349
https://notcve.org/view.php?id=CVE-2004-1349
04 Oct 2004 — gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files. • http://secunia.com/advisories/12744 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2004-0849
https://notcve.org/view.php?id=CVE-2004-0849
17 Sep 2004 — Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when compiled with the --enable-snmp option, allows remote attackers to cause a denial of service (daemon crash) via certain SNMP requests. Desbordamiento de enteros en la función asn_decode_string() definida en asn1.c en radiusd de GNU Radius 1.1 y 1.2 anteriores a 1.2.94, cuando se compila con la opción --enable-snmp, permite a atacantes remotos causar una denegación de servicio (caí... • http://lists.gnu.org/archive/html/info-gnu-radius/2004-09/msg00000.html •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2004-0256
https://notcve.org/view.php?id=CVE-2004-0256
01 Sep 2004 — GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files via a symlink attack on libtool directories in /tmp. GNU libtool anteriores a 1.5.2, durante la compilación, permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque de enlaces simbólicos en directorios de libtool en /tmp. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000811 •
CVSS: 5.3EPSS: 4%CPEs: 2EXPL: 0CVE-2004-0778
https://notcve.org/view.php?id=CVE-2004-0778
18 Aug 2004 — CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned. CVS 1.11.x anteriores a 1.11.17 y 1.12.x anteriores a 1.12.9 permite a atacantes remotos determinar la existencia de ficheros y directorios de su elección mediante el comando -X de un fichero de historia alternativo, lo que hace que devuelve diferentes mensajes de erro... • http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities • CWE-203: Observable Discrepancy •