CVE-2004-0416 – Remote CVS 1.11.15 - 'error_prog_name' Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2004-0416
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. Vulnerabilidad de doble liberación en la cadena error_prog_name en CVS 1.12.x a 1.12.8, y 1.11.x a 1.11.16, puede permitir a atacantes remotos ejecutar código arbitrario. • https://www.exploit-db.com/exploits/392 ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://marc.info/?l=bugtraq&m=108716553923643&w=2 http://security.e-matters.de/advisories/092004.html http://security.gentoo.org/glsa/glsa-200406-06.xml http://www.debian.org/security/2004/dsa-519 http://www. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2004-0418
https://notcve.org/view.php?id=CVE-2004-0418
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data. serve_notify en CVS 1.12.x a 1.12.8 y 1.11.x a 1.11.16 no maneja adecuadamente líneas de datos vacías, lo que puede permitir a atacantes remotos realizar una escritura "fuera de límites" en un solo byte para ejecutar código arbitrario o modificar datos críticos del programa. • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://marc.info/?l=bugtraq&m=108716553923643&w=2 http://security.e-matters.de/advisories/092004.html http://security.gentoo.org/glsa/glsa-200406-06.xml http://www.debian.org/security/2004/dsa-519 http://www.mandriva.com/security/advisories?name=MDKSA-2004: •
CVE-2004-0482
https://notcve.org/view.php?id=CVE-2004-0482
Multiple integer overflows in (1) procfs_cmdline.c, (2) procfs_fpregs.c, (3) procfs_linux.c, (4) procfs_regs.c, (5) procfs_status.c, and (6) procfs_subr.c in procfs for OpenBSD 3.5 and earlier allow local users to read sensitive kernel memory and possibly perform other unauthorized activities. Múltiples errores de "comprobación incorrecta de límites" en ciertas funciones de procfs de OpenBSD 3.4 y 3.5 permite a usuarios locales leer memoria del kernel de su elección y posiblemente ganar privilegios mediante el sistema de archivos proc • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/020_procfs.patch ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/006_procfs.patch http://marc.info/?l=full-disclosure&m=108481812926420&w=2 http://marc.info/?l=openbsd-security-announce&m=108445767103004&w=2 http://secunia.com/advisories/11605 http://www.deprotect.com/advisories/DEPROTECT-20041305.txt http://www.openbsd.org/errata34.html http://www.openbsd.org/errata35.html http://www.osvdb.org/6114 https: •
CVE-2004-0218
https://notcve.org/view.php?id=CVE-2004-0218
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y anteriores permite a atacantes remotos causar una denegación de servicio (bucle infinito) mediante un paquete ISAKMP con una carga útil de logitud cero, como se ha demostrado por la Suite de pruebas de protocolos ISAKMP Striker. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 http://secunia.com/advisories/11156 http://www.kb.cert.org/vuls/id/349113 http://www.openbsd.org/errata.html http://www.rapid7.com/advisories/R7-0018.html http://www.securityfocus.com/bid/10028 http://www.securitytracker.com/alerts/2004/Mar/1009468.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15518 •
CVE-2004-0220
https://notcve.org/view.php?id=CVE-2004-0220
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. isakmpd en OpenBSD 3.4 y versiones anteriores permite a atacantes remotos provocar una denegación de servicio a través de un paquete ISAKMP con una carga útil Cert Request malformada, lo que provoca un desbordamiento inferior de entero que es usado en una operación malloc que no se maneja adecuadamente, según lo demonstrado por el Striker ISAKMP Protocol Test Suite. • http://marc.info/?l=bugtraq&m=108008530028019&w=2 http://www.kb.cert.org/vuls/id/223273 http://www.openbsd.org/errata.html http://www.rapid7.com/advisories/R7-0018.html http://www.securityfocus.com/bid/9907 http://www.securitytracker.com/alerts/2004/Mar/1009468.html https://exchange.xforce.ibmcloud.com/vulnerabilities/15629 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •