CVSS: 4.6EPSS: 0%CPEs: 5EXPL: 0CVE-2003-0464
https://notcve.org/view.php?id=CVE-2003-0464
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd. El código RPC en el kernel 2.4 de Linux establece la bandera de reusar cuando se crean sockets, lo que podría permitir a usuarios locales atar puertos UDP usados por servicios privilegiados como nfsd. • http://www.redhat.com/support/errata/RHSA-2003-238.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A311 https://access.redhat.com/security/cve/CVE-2003-0464 https://bugzilla.redhat.com/show_bug.cgi?id=1617039 •
CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0CVE-2003-0461
https://notcve.org/view.php?id=CVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. /proc/tty/driver/serial en Linux 2.4.x revela el número exacto de caractéres usado en enlaces serie, lo que podría permitir a usuarios locales obtener información potencialmente sensible como la longitud de las contraseñas. • http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html http://www.debian.org/security/2004/dsa-358 http://www.debian.org/security/2004/dsa-423 http://www.redhat.com/support/errata/RHSA-2003-238.html http://www.redhat.com/support/errata/RHSA-2004-188.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A304 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9330 https://oval.cisecurity.org/repository/sea •
CVSS: 4.3EPSS: 2%CPEs: 3EXPL: 2CVE-2003-0442 – PHP 4.x - Transparent Session ID Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2003-0442
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la capacidad de soporte transparente de SID en PHP anteriores a 4.3.2 (session.use_trans_sid) permite a atacantes remotos insertar script arbitrario mediante el parámetro PHPSESSID • https://www.exploit-db.com/exploits/22696 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000691 http://marc.info/?l=bugtraq&m=105449314612963&w=2 http://marc.info/?l=bugtraq&m=105760591228031&w=2 http://shh.thathost.com/secadv/2003-05-11-php.txt http://www.ciac.org/ciac/bulletins/n-112.shtml http://www.debian.org/security/2003/dsa-351 http://www.mandriva.com/security/advisories?name=MDKSA-2003:082 http://www.osvdb.org/4758 http://www.redhat •
CVSS: 7.5EPSS: 5%CPEs: 14EXPL: 1CVE-2003-0434 – Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2003-0434
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido. • https://www.exploit-db.com/exploits/22771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html http://marc.info/?l=bugtraq&m=105777963019186&w=2 http://secunia.com/advisories/9037 http://secunia.com/advisories/9038 http://www.kb.cert.org/vuls/id/200132 http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 http://www.redhat.com/support/errata/RHSA-2003-196.html http://www.redhat.com/support/errata/RHSA-2003-197.html https://oval. •
CVSS: 5.0EPSS: 4%CPEs: 5EXPL: 0CVE-2003-0364
https://notcve.org/view.php?id=CVE-2003-0364
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. El manejo de reensamblaje de fragmentos TCP/IP en el Linux kernel 2.4 permite que atacantes remotos provoquen una denegación de servicio (agotamiento de CPU) mediante ciertos paquetes que causan un elevado número de colisiones en la tabla hash. • http://www.debian.org/security/2003/dsa-311 http://www.debian.org/security/2003/dsa-312 http://www.debian.org/security/2003/dsa-332 http://www.debian.org/security/2003/dsa-336 http://www.debian.org/security/2004/dsa-442 http://www.redhat.com/support/errata/RHSA-2003-187.html http://www.redhat.com/support/errata/RHSA-2003-195.html http://www.redhat.com/support/errata/RHSA-2003-198.html http://www.turbolinux.com/security/TLSA-2003-41.txt https://oval&# •