CVSS: 2.1EPSS: 0%CPEs: 25EXPL: 0CVE-2004-1453
https://notcve.org/view.php?id=CVE-2004-1453
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program. • http://bugs.gentoo.org/show_bug.cgi?id=59526 http://secunia.com/advisories/12306 http://www.gentoo.org/security/en/glsa/glsa-200408-16.xml http://www.redhat.com/support/errata/RHSA-2005-256.html http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.securityfocus.com/bid/10963 https://exchange.xforce.ibmcloud.com/vulnerabilities/17006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10762 https://access.redhat.com/security/cve&#x •
CVSS: 2.1EPSS: 0%CPEs: 26EXPL: 0CVE-2004-1382
https://notcve.org/view.php?id=CVE-2004-1382
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968. • http://marc.info/?l=bugtraq&m=109899903129801&w=2 http://www.debian.org/security/2005/dsa-636 http://www.mandriva.com/security/advisories?name=MDKSA-2004:159 http://www.redhat.com/support/errata/RHSA-2005-261.html https://access.redhat.com/security/cve/CVE-2004-1382 https://bugzilla.redhat.com/show_bug.cgi?id=1617410 •
CVSS: 2.1EPSS: 0%CPEs: 30EXPL: 0CVE-2004-0968
https://notcve.org/view.php?id=CVE-2004-0968
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136318 http://security.gentoo.org/glsa/glsa-200410-19.xml http://www.debian.org/security/2005/dsa-636 http://www.redhat.com/support/errata/RHSA-2004-586.html http://www.redhat.com/support/errata/RHSA-2005-261.html http://www.securityfocus.com/bid/11286 http://www.trustix.org/errata/2004/0050 https://exchange.xforce.ibmcloud.com/vulnerabilities/17583 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre. •
CVSS: 5.0EPSS: 4%CPEs: 59EXPL: 0CVE-2002-1265
https://notcve.org/view.php?id=CVE-2002-1265
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). La funcionalidad RPC de Sun en múltiples implementaciones de libc no provee de un mecanismo de exceso de tiempo cuando se leen datos de conexiones TCP, lo que permite a atacantes remotos causar una denegación de servicio (cuelgue) • ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51082 http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2004.0800.1 http://www.info.apple.com/usen/security/security_updates.html http://www.iss.net/security_center/static/10539.php http://www.kb.cert.org/vuls/id/266817 http://www.securityfocus.com/bid/6103 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.m •
CVSS: 5.0EPSS: 16%CPEs: 1EXPL: 0CVE-2002-1146
https://notcve.org/view.php?id=CVE-2002-1146
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). Desbordamiento de búfer en el código de resolución de glib 2.2.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caida) mediante una operación de lectura en paquetes DNS largos. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-015.txt.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000535 http://www.iss.net/security_center/static/10295.php http://www.kb.cert.org/vuls/id/738331 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:009 http://www.redhat.com/support/errata/RHSA-2002-197.html http://www.redhat.com/support/errata/RHSA-2002-258.html http://www.redhat.com/support/errata/RHSA-2003-022.html htt •