CVSS: 7.1EPSS: 1%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://security.e-matters.de/advisories/092004.html http://www.securityfocus.com/bid/10499 https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 •
CVSS: 3.6EPSS: 0%CPEs: 23EXPL: 0CVE-2004-1066
https://notcve.org/view.php?id=CVE-2004-1066
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future. Los pseudoficheros cmdline en procfs en FreeBSD 4.8 a 5.3, y linprocfs en FreeBSD 5.x a 5.3 no validan adecuadamente un vector de argumento de proceso, lo que permite a usuarios locales causar una denegación de servicio (pánico) o leer porciones de memoria del kernle. NOTA: Esta candidata puede ser separada en dos vulnerabilidades en el futuro. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:17.procfs.asc https://exchange.xforce.ibmcloud.com/vulnerabilities/18321 •
CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0CVE-2004-0919
https://notcve.org/view.php?id=CVE-2004-0919
The syscons CONS_SCRSHOT ioctl in FreeBSD 5.x allows local users to read arbitrary kernel memory via (1) negative coordinates or (2) large coordinates. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:15.syscons.asc http://secunia.com/advisories/12722 http://www.kb.cert.org/vuls/id/969078 http://www.securityfocus.com/bid/11321 https://exchange.xforce.ibmcloud.com/vulnerabilities/17584 •
CVSS: 2.1EPSS: 0%CPEs: 7EXPL: 2CVE-2004-0618 – FreeBSD 4.10/5.x - 'execve()' Unaligned Memory Access Denial of Service
https://notcve.org/view.php?id=CVE-2004-0618
FreeBSD 5.1 for the Alpha processor allows local users to cause a denial of service (crash) via an execve system call with an unaligned memory address as an argument. FreeBSD 5.1 para procesadores Alfa permite a usuarios locales causar una denegación de servicio (caída) mediante una llamada de sistema con una dirección de memoria no alineada como argumento. • https://www.exploit-db.com/exploits/24233 http://marc.info/?l=bugtraq&m=108816603102865&w=2 http://www.securityfocus.com/bid/10596 https://exchange.xforce.ibmcloud.com/vulnerabilities/16499 •
CVSS: 3.6EPSS: 0%CPEs: 14EXPL: 0CVE-2004-0435
https://notcve.org/view.php?id=CVE-2004-0435
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk. Ciertos "errores de programacíón" en la llamada al sistema msync de FreeBSD 5.2.1 y anteriores y 4.10 y anteriores, no maneja adecuadamente la operación MS_INVALIDATE, lo que lleva a problemas de consistencia de caché que permiten al usuario local impedir que ciertos cambios en ficheros se lleven a cabo en el disco. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:11.msync.asc http://secunia.com/advisories/11714 http://www.securityfocus.com/bid/10416 https://exchange.xforce.ibmcloud.com/vulnerabilities/16254 •