CVE-2004-0460
https://notcve.org/view.php?id=CVE-2004-0460
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. Desbordamiento de búfer en la capacidad de registro de sucesos (logging) del demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.01rc13 permite a atacantes remotos causar una denegación de servión (caída del servidor) y posiblemente ejecutar código arbitrario mediante multiples opciones de nombre de máquina (hostname) en mensajes (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, o (5) NAK, lo que puede generar una cadena larga cuando se escribe en un fichero de registro. • http://marc.info/?l=bugtraq&m=108795911203342&w=2 http://marc.info/?l=bugtraq&m=108843959502356&w=2 http://marc.info/?l=bugtraq&m=108938625206063&w=2 http://secunia.com/advisories/23265 http://www.kb.cert.org/vuls/id/317350 http://www.mandriva.com/security/advisories?name=MDKSA-2004:061 http://www.novell.com/linux/security/advisories/2004_19_dhcp_server.html http://www.securityfocus.com/bid/10590 http://www.us-cert.gov/cas/techalerts/TA04-174A.html http:/ •
CVE-2004-0581
https://notcve.org/view.php?id=CVE-2004-0581
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. El script ksymoops-gznm en Mandrake Linux 9.1 a 10.0, y Corporate Server 2.1 permite a usuarios locales borrar ficheros arbitrarios mediante un ataque de enlaces simbólicos en /tmp. • http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060 http://www.securityfocus.com/bid/10516 https://exchange.xforce.ibmcloud.com/vulnerabilities/16392 •
CVE-2004-0587
https://notcve.org/view.php?id=CVE-2004-0587
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. Permisos inseguros en el fichero /proc/scsi/qla2300/HbaApiNode en Linux permite a usuarios locales causar una denegación de servicio. • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://lwn.net/Articles/91155 http://securitytracker.com/id?1010057 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:066 http://www.novell.com/linux/security/advisories/2004_10_kernel.html http://www.redhat.com/support/errata/RHSA-2004-413.html http://www.redhat.com/support/errata/RHSA-2004-418.html http://www.securityfocus.com/bid/10279 https://exchange.xforce.ibmcloud.com/vulnerab •
CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un "desbordamiento de búfer". • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 http://lwn.net/Articles/91155 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log http://www.mandriva.com/security/advisories?name=MDKSA-2004:062 http://www.novell.com/linux/security/advisories/2004_20_kern •
CVE-2004-0402
https://notcve.org/view.php?id=CVE-2004-0402
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code. Desbordamiento de búfer en xpcd-svga en xpcd anteriores a 2.08, y posiblemente otras versiones, puede permitir a usuarios locales ejecutar código de su elección. • http://www.debian.org/security/2004/dsa-508 http://www.mandriva.com/security/advisories?name=MDKSA-2004:053 http://www.securityfocus.com/bid/10403 https://exchange.xforce.ibmcloud.com/vulnerabilities/16236 •