CVSS: 5.0EPSS: 96%CPEs: 26EXPL: 0CVE-2004-0918 – Squid SNMP DoS
https://notcve.org/view.php?id=CVE-2004-0918
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory allocation error. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.16/SCOSA-2005.16.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000923 http://fedoranews.org/updates/FEDORA--.shtml http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html http://marc.info/?l=bugtraq&m=109913064629327&w=2 http://secunia.com/advisories/30914 http://secunia.com/advisories/30967 http://www.gentoo.org/security/en/glsa/glsa-200410-15.xml http://www.idefense.com/application& • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 3%CPEs: 86EXPL: 0CVE-2005-0373
https://notcve.org/view.php?id=CVE-2005-0373
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code. • http://www.gentoo.org/security/en/glsa/glsa-200410-05.xml http://www.linuxcompatible.org/print42495.html http://www.mandriva.com/security/advisories?name=MDKSA-2005:054 http://www.monkey.org/openbsd/archive/ports/0407/msg00265.html http://www.securityfocus.com/bid/11347 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c.diff?r1=1.170&r2=1.171 https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/digestmd5.c?rev=1.171&content-type •
CVSS: 9.8EPSS: 19%CPEs: 4EXPL: 0CVE-2004-0772
https://notcve.org/view.php?id=CVE-2004-0772
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code. Vulnerabilidad de doble liberación en el código de manejo de errores en krb524d de MIT Kerberos (krb5) 1.2.8 y anteriores puede permitir a atacantes remotos ejecutar código de su elección. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860 http://marc.info/?l=bugtraq&m=109508872524753&w=2 http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2004-002-dblfree.txt http://www.debian.org/security/2004/dsa-543 http://www.gentoo.org/security/en/glsa/glsa-200409-09.xml http://www.kb.cert.org/vuls/id/350792 http://www.mandriva.com/security/advisories?name=MDKSA-2004:088 http://www.securityfocus.com/bid/11078 http://www.trustix.net/errata&# • CWE-415: Double Free •
CVSS: 5.1EPSS: 61%CPEs: 18EXPL: 1CVE-2004-0594 – PHP 4.3.7/5.0.0RC3 - 'memory_limit' Remote Overflow
https://notcve.org/view.php?id=CVE-2004-0594
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of the zend_hash_init function and overwriting a HashTable destructor pointer before the initialization of key data structures is complete. La funcionalidad memory_limit de PHP 4.x a 4.3.7 y 5.x a 5.0.0RC3, bajo ciertas condiciones, como cuando register_globals está habilitado, permite a atacantes remotos ejecutar código de su elección disparando un aborto por memory_limit de la función zend_hash_init y sobrescribiendo un puntero de destructor de HashTable antes de que la incialización de las estructuras de datos clave se haya completado. • https://www.exploit-db.com/exploits/660 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000847 http://lists.grok.org.uk/pipermail/full-disclosure/2004-July/023908.html http://marc.info/?l=bugtraq&m=108981780109154&w=2 http://marc.info/?l=bugtraq&m=108982983426031&w=2 http://marc.info/?l=bugtraq&m=109051444105182&w=2 http://marc.info/? • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 31%CPEs: 7EXPL: 0CVE-2004-0413
https://notcve.org/view.php?id=CVE-2004-0413
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. libsvn_ra_svn en Subversion 1.0.4 confía en el campo de longitud de (1) svn://, (2) svn+ssh://, y (3) otras cadenas de protocolo svn, lo que permite a atacantes remotos causar una denegación de servicio (consumición de memoria) y posiblemente ejecutar código de su elección mediante un desbordamiento de enteros que conduce a un desbordamiento basado en la pila. • http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml http://www.novell.com/linux/security/advisories/2004_18_subversion.html http://www.securityfocus.com/advisories/6847 http://www.securityfocus.com/archive/1/365836 http://www.securityfocus.com/bid/10519 https://bugzilla.fedora.us/show_bug.cgi?id=1748 https://exchange.xforce.ibmcloud.com/vulnerabilities/16396 •