CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2004-0496
https://notcve.org/view.php?id=CVE-2004-0496
06 Jul 2004 — Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. Multiples vulnerabilidades desconocidas en el kernel 2.6 de Linux permite a usuarios locales ganar privilegios o acceder a memoria del kernel, un grupo de vulerabilidades distinto de los identificado por CAN-2004-0495, como se ha encontrado con la herramienta de comprobac... • http://www.novell.com/linux/security/advisories/2004_20_kernel.html •
CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2004-0497 – Linux Kernel < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0497
06 Jul 2004 — Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. Vulnerabilidad desconocida en el kernel 2.x de Linux puede permitir a usuarios locales modificar el ID de grupo de ficheros, como ficheros exportados con NFS en kernel 2.4. • https://www.exploit-db.com/exploits/718 •
CVSS: 10.0EPSS: 63%CPEs: 28EXPL: 0CVE-2004-0460
https://notcve.org/view.php?id=CVE-2004-0460
24 Jun 2004 — Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file. Desbordamiento de búfer en la capacidad de registro de sucesos (logging) del demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.01rc13 permite ... • http://marc.info/?l=bugtraq&m=108795911203342&w=2 •
CVSS: 10.0EPSS: 9%CPEs: 28EXPL: 0CVE-2004-0461
https://notcve.org/view.php?id=CVE-2004-0461
24 Jun 2004 — The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code. El demonio DHCP (DHCPD) de ISC DHCP 3.0.1rc12 y 3.0.1rc13, cuando se compila en entornos que no proveen la función vsnprintf, usa ficheros de inclusión de C qu... • http://marc.info/?l=bugtraq&m=108795911203342&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 4.7EPSS: 0%CPEs: 27EXPL: 1CVE-2003-0462 – Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read
https://notcve.org/view.php?id=CVE-2003-0462
25 Jul 2003 — A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). Una condición de carrera en la manera que los punteros env_start y env_end son inicializados en la llamada al sistema execve y usada en fs/proc/base.c en Linux 2.4 permite a usuarios locales causar una denegación de servicio (caída). • https://www.exploit-db.com/exploits/22840 •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2003-0041
https://notcve.org/view.php?id=CVE-2003-0041
01 Feb 2003 — Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. El cliente de ftp Kerberos permite a sitios FTP remotos ejecutar código arbitrario mediante un carácter de tubería (|) en un nombre de fichero que recupera el cliente • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0047.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1713
https://notcve.org/view.php?id=CVE-2002-1713
31 Dec 2002 — The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. • http://online.securityfocus.com/archive/1/277515 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 5CVE-2002-1814 – Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1814
31 Dec 2002 — Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments. • https://www.exploit-db.com/exploits/21583 •
CVSS: 5.5EPSS: 0%CPEs: 77EXPL: 2CVE-2002-2185
https://notcve.org/view.php?id=CVE-2002-2185
31 Dec 2002 — The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network. • ftp://patches.sgi.com/support/free/security/advisories/20020901-01-A •