CVE-2004-1235 – Linux Kernel 2.4 - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://www.exploit-db.com/exploits/778 https://www.exploit-db.com/exploits/744 https://www.exploit-db.com/exploits/895 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://isec.pl/vulnerabilities/isec-0021-uselib.txt http://marc.info/?l=bugtraq&m=110512575901427&w=2 http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://www.debian.org/security •
CVE-2004-2097
https://notcve.org/view.php?id=CVE-2004-2097
Multiple scripts on SuSE Linux 9.0 allow local users to overwrite arbitrary files via a symlink attack on (1) /tmp/fvwm-bug created by fvwm-bug, (2) /tmp/wmmenu created by wm-oldmenu2new, (3) /tmp/rates created by x11perfcomp, (4) /tmp/xf86debug.1.log created by xf86debug, (5) /tmp/.winpopup-new created by winpopup-send.sh, or (6) /tmp/initrd created by lvmcreate_initrd. • http://marc.info/?l=bugtraq&m=107461582413923&w=2 http://marc.info/?l=bugtraq&m=107478920006258&w=2 http://securitytracker.com/id?1008781 http://www.securityfocus.com/bid/9457 https://exchange.xforce.ibmcloud.com/vulnerabilities/14963 •
CVE-2004-1491 – Opera Web Browser 7.54 - 'KDE KFMCLIENT' Remote Command Execution
https://notcve.org/view.php?id=CVE-2004-1491
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html http://secunia.com/advisories/13447 http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u2 http://www.securityfocus.com/bid/11901 http://www.zone-h.org/advisories/read/id=6503 https://exchange.xforce.ibmcloud.com/vulnerabilities/18457 •
CVE-2004-1895
https://notcve.org/view.php?id=CVE-2004-1895
YaST Online Update (YOU) in SuSE 8.2 and 9.0 allows local users to overwrite arbitrary files via a symlink attack on you-$USER/cookies. • http://archives.neohapsis.com/archives/bugtraq/2004-04/0058.html http://marc.info/?l=bugtraq&m=108118395519164&w=2 http://secunia.com/advisories/11300 http://securitytracker.com/id?1009668 http://www.osvdb.org/4985 http://www.securityfocus.com/bid/10047 https://exchange.xforce.ibmcloud.com/vulnerabilities/15731 •
CVE-2004-0592
https://notcve.org/view.php?id=CVE-2004-0592
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023408.html http://www.novell.com/linux/security/advisories/2004_20_kernel.html https://exchange.xforce.ibmcloud.com/vulnerabilities/43137 •