CVE-2004-1332
https://notcve.org/view.php?id=CVE-2004-1332
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. • http://marc.info/?l=bugtraq&m=110797179710695&w=2 http://secunia.com/advisories/13608 http://securitytracker.com/id?1012650 http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false http://www.kb.cert.org/vuls/id/647438 http://www.securityfocus.com/bid/12077 https://exchange.xforce.ibmcloud.com/vulnerabilities/18636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701 •
CVE-2004-2693
https://notcve.org/view.php?id=CVE-2004-2693
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. • http://marc.info/?l=bugtraq&m=108455531606056&w=2 http://secunia.com/advisories/11615 http://www.hp.com/products1/unix/java/mozilla/HPSBUX01034.html http://www.osvdb.org/6120 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6105 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2004-1375
https://notcve.org/view.php?id=CVE-2004-1375
Unknown vulnerability in System Administration Manager (SAM) in HP-UX B.11.00, B.11.11, B.11.22, and B.11.23 allows local users to gain privileges. • http://marc.info/?l=bugtraq&m=110384155209555&w=2 http://www.ciac.org/ciac/bulletins/p-085.shtml http://www.securityfocus.com/bid/12098 https://exchange.xforce.ibmcloud.com/vulnerabilities/18674 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5435 •
CVE-2004-1029 – Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass
https://notcve.org/view.php?id=CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages. • https://www.exploit-db.com/exploits/24763 http://jouko.iki.fi/adv/javaplugin.html http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html http://secunia.com/advisories/13271 http://secunia.com/advisories/29035 http://securityreason.com/securityalert/61 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 http://sunsolve.sun.co • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2004-0940 – Apache 1.3.31 mod_include - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0940
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error. • https://www.exploit-db.com/exploits/587 https://www.exploit-db.com/exploits/24694 http://marc.info/?l=bugtraq&m=109906660225051&w=2 http://secunia.com/advisories/12898 http://secunia.com/advisories/19073 http://securitytracker.com/id?1011783 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102197-1 http://support.avaya.com/elmodocs2/security/ASA-2006-081.htm http://www.apacheweek.com/features/security-13 http://www.debian.org/security/2004/dsa-594 http:/& • CWE-131: Incorrect Calculation of Buffer Size •