NotCVE - vendor:"Redhat" product:"Linux" version:" <= 5.0"

Page 23 of 202 results (0.092 seconds)

CVSS: 7.5EPSS: 90%CPEs: 44EXPL: 0

CVE-2004-0700 – mod_proxy hook format string

https://notcve.org/view.php?id=CVE-2004-0700

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. Vulnerabilidad de cadena de formateo en la función ssl_log en ssl_engine_log.c en mod_ssl 2.8.10 de Apache 1.3.31 puede permitir a atacantes remotos ejecutar mensajes de su elección mediante especificadores de cadena de formato en ciertos mensajes de registro de HTTPS. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 http://marc.info/?l=apache-modssl&m=109001100906749&w=2 http://marc.info/?l=bugtraq&m=109005001205991&w=2 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://virulent.siyahsapka.org http://www.debian.org/security/2004/dsa-532 http://www.kb.cert.org/vuls/id/303448 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 http://www.osvdb.org/7929 http://www.redhat. •

CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0

CVE-2004-0649

https://notcve.org/view.php?id=CVE-2004-0649

Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. Desbordamiento de búfer en write_packet en control.c de l2tpd puede permitir a atacantes remotos ejecutar código arbitrario. • http://marc.info/?l=bugtraq&m=108640917925735&w=2 http://security.gentoo.org/glsa/glsa-200407-17.xml http://www.debian.org/security/2004/dsa-530 https://exchange.xforce.ibmcloud.com/vulnerabilities/16326 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

CVE-2004-0667

https://notcve.org/view.php?id=CVE-2004-0667

Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. • http://marc.info/?l=bugtraq&m=108861182906067&w=2 http://marc.info/?l=bugtraq&m=108879977120430&w=2 http://www.rsbac.org/download/bugfixes http://www.securityfocus.com/bid/10640 https://exchange.xforce.ibmcloud.com/vulnerabilities/16552 •

CVSS: 7.6EPSS: 0%CPEs: 20EXPL: 0

CVE-2004-0456

https://notcve.org/view.php?id=CVE-2004-0456

Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header. Desbordamiento basado en la pila en pavuk 0.9pl28, 0.9pl27, y posiblemente otras versiones permite a sitios web remotos ejecutar código de su elección mediante una cabecera de localización HTTP larga. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023322.html http://security.gentoo.org/glsa/glsa-200406-22.xml http://www.debian.org/security/2004/dsa-527 http://www.securityfocus.com/bid/10633 https://exchange.xforce.ibmcloud.com/vulnerabilities/16551 •

CVSS: 6.4EPSS: 96%CPEs: 16EXPL: 3

CVE-2004-0493 – Apache - Arbitrary Long HTTP Headers Denial of Service

https://notcve.org/view.php?id=CVE-2004-0493

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. La función ap_get_mime_headers_core de Apache httpd 2.0.49 permite a atacantes remotos causar una denegación de servicio (consumición de memoria) y posiblemente un error de entero sin signo que conduce a un desbordamiento de búfer basado en el montón en en sistemas de 64 bits, mediante líneas de cabecera largas con muchos caractéres espacio o tabulador. • https://www.exploit-db.com/exploits/371 https://www.exploit-db.com/exploits/360 http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/023133.html http://marc.info/?l=bugtraq&m=108853066800184&w=2 http://marc.info/?l=bugtraq&m=109181600614477&w=2 http://security.gentoo.org/glsa/glsa-200407-03.xml http://www.apacheweek.com/features/security-20 http://www.guninski.com/httpd1.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:064 http://www.r •

1...21 22 23 24 25