CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0888 – dsa-573.txt
https://notcve.org/view.php?id=CVE-2004-0888
26 Oct 2004 — Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 •
CVSS: 10.0EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
26 Oct 2004 — Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 •
CVSS: 7.5EPSS: 14%CPEs: 30EXPL: 1CVE-2004-0809
https://notcve.org/view.php?id=CVE-2004-0809
16 Sep 2004 — The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. • http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/dav/fs/lock.c?r1=1.32&r2=1.33 •
CVSS: 9.8EPSS: 21%CPEs: 4EXPL: 0CVE-2004-0772 – mit-2004-002.txt
https://notcve.org/view.php?id=CVE-2004-0772
08 Sep 2004 — Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. Vulnerabilidad de doble liberación en el código de manejo de errores en krb524d de MIT Kerberos (krb5) 1.2.8 y anteriores puede permitir a atacantes remotos ejecutar código de su elección. The MIT Kerberos 5 implementation's Key Distribution Center (KDC) program contains a double-free vulnerability that potentially allows a remote attacker to execute... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860 • CWE-415: Double Free •
CVSS: 9.8EPSS: 86%CPEs: 18EXPL: 2CVE-2004-0594 – PHP 4.3.7/5.0.0RC3 - 'memory_limit' Remote Overflow
https://notcve.org/view.php?id=CVE-2004-0594
14 Jul 2004 — The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. La funcionalidad memory_limit de PHP 4.x a 4.3.7 y 5.x a 5.0.0RC3, bajo ciertas condiciones, como cuando register_globals es... • https://packetstorm.news/files/id/35185 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.8EPSS: 57%CPEs: 4EXPL: 0CVE-2004-0488 – mod_ssl ssl_util_uuencode_binary CA issue
https://notcve.org/view.php?id=CVE-2004-0488
28 May 2004 — Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN. Desbordamiento de búfer basado en la pila en la función ssl_util_uuencode_binary en ssl_util.c de mod_ssl de Apache cuando se configura mod_ssl para que confie en la Autoridad Certificadora emisora, puede permitir a atacantes remotos ejecutar código arbit... • ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 25%CPEs: 9EXPL: 1CVE-2001-0763 – Xinetd 2.1.8 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0763
18 Oct 2001 — Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. • https://www.exploit-db.com/exploits/20908 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0738
https://notcve.org/view.php?id=CVE-2001-0738
18 Oct 2001 — LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01 •
CVSS: 10.0EPSS: 27%CPEs: 87EXPL: 3CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
14 Aug 2001 — Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. The Netkit telnetd implementation shipped with Debian Linux appears to be lacking the AYT vulnerability patch. This exposes the platform to a remote root problem discovered by scut of TESO back in 2001. • https://www.exploit-db.com/exploits/21018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •