CVE-2005-0750 – Linux Kernel 2.4.x/2.6.x - BlueTooth Signed Buffer Index (PoC)
https://notcve.org/view.php?id=CVE-2005-0750
The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. • https://www.exploit-db.com/exploits/25287 https://www.exploit-db.com/exploits/25288 https://www.exploit-db.com/exploits/25289 https://www.exploit-db.com/exploits/926 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032913.html http://marc.info/?l=bugtraq&m=111204562102633&w=2 http://www.redhat.com/support/errata/RHSA-2005-283.html http://www.redhat.com/support/errata/RHSA-2005-284.html http://www.redhat.com/support/errata/RHSA-2005-293.html http:& •
CVE-2005-0206
https://notcve.org/view.php?id=CVE-2005-0206
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. El parche para corregir las vulnerabilidades de desbordamiento de entero en Xpdf 2.0 y 3.0 (CAN-2004-0888) es incompleto para arquitecturas de 64 bits en ciertas distribuciones de Linux como Red Hat, lo que podría dejar a los usuarios de Xpdf expuestos a las vulnerabilidades originales. • http://www.mandriva.com/security/advisories?name=MDKSA-2005:041 http://www.mandriva.com/security/advisories?name=MDKSA-2005:042 http://www.mandriva.com/security/advisories?name=MDKSA-2005:043 http://www.mandriva.com/security/advisories?name=MDKSA-2005:044 http://www.mandriva.com/security/advisories? •
CVE-2004-1184
https://notcve.org/view.php?id=CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters. • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://secunia.com/advisories/35074 http://securitytracker.com/id?1012965 http://support.apple.com/kb/HT3549 http://www.debian.org/security/2005/dsa-654 http://www.gentoo.org/security/en/glsa/glsa-200502-03.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:033 http://www.redhat.com/support/errata/RHSA-2005-040.html http://www.securityfocus.com/archive/1/419768/100/0/threaded http: •
CVE-2004-1235 – Linux Kernel 2.4 - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://www.exploit-db.com/exploits/778 https://www.exploit-db.com/exploits/744 https://www.exploit-db.com/exploits/895 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://isec.pl/vulnerabilities/isec-0021-uselib.txt http://marc.info/?l=bugtraq&m=110512575901427&w=2 http://secunia.com/advisories/20162 http://secunia.com/advisories/20163 http://secunia.com/advisories/20202 http://secunia.com/advisories/20338 http://www.debian.org/security •
CVE-2004-1154
https://notcve.org/view.php?id=CVE-2004-1154
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://secunia.com/advisories/13453 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101643-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57730-1 http://www.debian.org/security/2005/dsa-701 http://www.idefense.com/application/poi/display?id=165&type=vulnerabilities http://www.kb.cert.org/vuls/id/226184 ht •