CVSS: 9.1EPSS: 0%CPEs: 11EXPL: 0CVE-2004-0432
https://notcve.org/view.php?id=CVE-2004-0432
05 May 2004 — ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. ProFTPD 1.2.9 trata las directivas Permitir y Denegar para ACLS basadas en CIDR como si fueran AllowAll (Permitir Todo), lo que podría permitir a clientes FTP saltarse las restricciones de acceso pretendidas. • http://bugs.proftpd.org/show_bug.cgi?id=2267 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 2CVE-2004-1983 – PaX 2.6 Kernel Patch - Denial of Service
https://notcve.org/view.php?id=CVE-2004-1983
02 May 2004 — The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors. • https://www.exploit-db.com/exploits/24078 •
CVSS: 10.0EPSS: 63%CPEs: 17EXPL: 2CVE-2004-0386 – MPlayer 0.9/1.0 - Remote HTTP Header Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0386
07 Apr 2004 — Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header. Desbordamiento de búfer en el procesador HTTP de MPlayer 1.0pre3 y anteriores, 0.90 y 0.91 permite a atacantes ejecutar código arbitrario mediante una cabecera Location larga. • https://www.exploit-db.com/exploits/23896 •
CVSS: 10.0EPSS: 23%CPEs: 11EXPL: 2CVE-2004-0333 – WinZip - MIME Parsing Overflow
https://notcve.org/view.php?id=CVE-2004-0333
18 Mar 2004 — Buffer overflow in the UUDeview package, as used in WinZip 6.2 through WinZip 8.1 SR-1, and possibly other packages, allows remote attackers to execute arbitrary code via a MIME archive with certain long MIME parameters. • https://www.exploit-db.com/exploits/272 •
CVSS: 9.8EPSS: 5%CPEs: 22EXPL: 0CVE-2004-0224
https://notcve.org/view.php?id=CVE-2004-0224
16 Mar 2004 — Multiple buffer overflows in (1) iso2022jp.c or (2) shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range." Múltiples desobordamientos de búfer en (1) iso2022jp.c o (2) shiftjis.c de Courier-IMAP anteriores a 3.0.0, Courier anteriores a 0.45, y SQWebMail anteriores a 4.0.0 pueden permitir a atacantes remotos ejecutar código arbitrario "cuando el carácter Unicode está fuera de ... • http://secunia.com/advisories/11087 •
CVSS: 9.8EPSS: 2%CPEs: 105EXPL: 1CVE-2003-0681 – Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0681
18 Sep 2003 — A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Un "desbordamiento de búfer potencial en el análisis de reglas" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no estándar: (1) receptor, (2) final, o (3) receptores de envoltorio específicos del enviador de correo, tienen consecuencias desconocidas. • https://www.exploit-db.com/exploits/23154 •
CVSS: 10.0EPSS: 18%CPEs: 163EXPL: 0CVE-2003-0694 – Sendmail SMTP Address prescan Memory Corruption
https://notcve.org/view.php?id=CVE-2003-0694
18 Sep 2003 — The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. La función de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar código arbitrario mediante ataques de desbordamiento de búfer, como se demostró usando la función parseaddr en parseaddr.c. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0550
https://notcve.org/view.php?id=CVE-2003-0550
25 Jul 2003 — The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. El protocolo STP, activado en Linux 2.4.x, no provee de suficiente seguridad por diseño, lo que permite a atacantes modificar la topología de puente. • http://www.debian.org/security/2004/dsa-358 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2003-0551
https://notcve.org/view.php?id=CVE-2003-0551
25 Jul 2003 — The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. La implementación del protocolo STP en Linux 2.4.x no verifica adecuadamente ciertas longitudes, lo que podría permitir a atacantes causar una denegación de servicio. • http://www.debian.org/security/2004/dsa-358 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0552
https://notcve.org/view.php?id=CVE-2003-0552
25 Jul 2003 — Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. Linux 2.4.x pemite a atacantes remotos suplantar entradas en la tabla de reenvio de puente (bridge forwarding) mediante paquetes falsificados cuya dirección de origen es la misma que la del objetivo. • http://www.debian.org/security/2004/dsa-358 •