CVE-2004-0915
https://notcve.org/view.php?id=CVE-2004-0915
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information. Múltiples vulnerabilidades desconocidas en viewcvs anteriores a 0.9.2, cuando se exporta un repositorio como un archivo tar, no implementa apropiadamente las configuraciones hide_cvsroot y forbidden_settings, lo que podría permitir a atacantes remotos obtener información sensible. • http://www.debian.org/security/2004/dsa-605 https://exchange.xforce.ibmcloud.com/vulnerabilities/18369 •
CVE-2004-1076
https://notcve.org/view.php?id=CVE-2004-1076
Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. Múltiples desbordamientos de búfer en la función RtConfigLoad en Atari800 1.3.1 permite usuarios locales ejecutar código arbitrrio mediante valores grandes en el fichero de configuración. • http://cvs.sourceforge.net/viewcvs.py/atari800/atari800/DOC/ChangeLog?view=markup http://marc.info/?l=bugtraq&m=110142899319841&w=2 http://marc.info/?l=bugtraq&m=110149441815270&w=2 http://secunia.com/advisories/13670 http://www.debian.org/security/2004/dsa-609 http://www.osvdb.org/12610 http://www.securityfocus.com/bid/11756 •
CVE-2004-0770
https://notcve.org/view.php?id=CVE-2004-0770
romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. romload.c de DGen Emulator 1.23 y anteriores permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos durante la descompresión de ficheros ROM gzip o bzip. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=263282&archive=yes http://secunia.com/advisories/12214 http://www.securityfocus.com/bid/10855 https://exchange.xforce.ibmcloud.com/vulnerabilities/16884 •
CVE-2004-1014
https://notcve.org/view.php?id=CVE-2004-1014
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. statd en nfs-utils 1.257 y anteriores hace caso a la señal SIGPIPE, lo que permite a atacanes remotos causar una denegación de servicio (caída de proceso de servidor) mediante una conexión TCP que es terminada prematuramente. • http://cvs.sourceforge.net/viewcvs.py/nfs/nfs-utils/ChangeLog?rev=1.258&view=markup http://www.debian.org/security/2004/dsa-606 http://www.redhat.com/support/errata/RHSA-2004-583.html http://www.redhat.com/support/errata/RHSA-2005-014.html http://www.securityfocus.com/archive/1/426072/30/6740/threaded http://www.securityfocus.com/bid/11785 http://www.trustix.org/errata/2004/0065 https://exchange.xforce.ibmcloud.com/vulnerabilities/18332 https://oval.cisecurity.org/reposi •
CVE-2004-1095 – zgv 5.5 - Multiple Arbitrary Code Executions
https://notcve.org/view.php?id=CVE-2004-1095
Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. Múltiples desbordamientos de enteros en readbmp.c readgif.c readgif.c readmrf.c readpcx.c readpng.c readpnm.c readprf.c readtiff.c readxbm.c readxpm.c en zgv 5.8 permite a atacantes remotos ejecutar código de su elección mediante ciertas cabeceras de imágenes que hacen que algunos cálculos se desborden y se asignen pequeños búferes, lo que conduce a desbordamientos. Nota: CAN-2004-0994 y CAN-2004-1095 identifican grupos de errores que solo se solapan parcialmente , a pesar de tener el mismo desarrollador. • https://www.exploit-db.com/exploits/609 http://marc.info/?l=bugtraq&m=109886210702781&w=2 http://marc.info/?l=bugtraq&m=109898111915661&w=2 http://www.gentoo.org/security/en/glsa/glsa-200411-12.xml http://www.securityfocus.com/bid/11556 http://www.svgalib.org/rus/zgv http://www.svgalib.org/rus/zgv/zgv-5.8-integer-overflow-fix.diff https://exchange.xforce.ibmcloud.com/vulnerabilities/17871 •