CVSS: 7.5EPSS: 96%CPEs: 48EXPL: 2CVE-2004-0936 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0936
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •
CVSS: 7.5EPSS: 96%CPEs: 48EXPL: 2CVE-2004-0934 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0934
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2004-0831
https://notcve.org/view.php?id=CVE-2004-0831
McAfee VirusScan 4.5.1 does not drop SYSTEM privileges before allowing users to browse for files via the "System Scan" properties of the System Tray applet, which could allow local users to gain privileges. • http://marc.info/?l=bugtraq&m=109526269429728&w=2 http://www.idefense.com/application/poi/display?id=140&type=vulnerabilities https://exchange.xforce.ibmcloud.com/vulnerabilities/17367 •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2004-0038
https://notcve.org/view.php?id=CVE-2004-0038
McAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 and 3.0 SP2a Patch 3 allows remote attackers to execute arbitrary commands via certain HTTP POST requests to the spipe/file handler on ePO TCP port 81. mcAfee ePolicy Orchestrator (ePO) 2.5.1 Patch 13 y 3.0 SP2a Patch 3 permite a atacantes remotos ejecutar órdenes arbitrarias mediante ciertas peticiones HTTP POST al manejador "spipe/file" de ePO en el puerto TCP 81. • http://download.nai.com/products/patches/ePO/v2.x/Patch14.txt http://www.osvdb.org/5626 http://www.securityfocus.com/bid/10200 http://xforce.iss.net/xforce/alerts/id/173 https://exchange.xforce.ibmcloud.com/vulnerabilities/14166 •
CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 8CVE-2004-0230 – TCP Connection Reset - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes inyectando repetidamente un paquete TCP RST, especialmente en protocolos que usan conexiones de vida larga, como BGP. • https://www.exploit-db.com/exploits/291 https://www.exploit-db.com/exploits/24030 https://www.exploit-db.com/exploits/24031 https://www.exploit-db.com/exploits/24033 https://www.exploit-db.com/exploits/24032 https://www.exploit-db.com/exploits/942 https://www.exploit-db.com/exploits/276 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt ftp://ftp.sco.com/ •