CVSS: 7.8EPSS: 0%CPEs: 123EXPL: 0CVE-2004-1071
https://notcve.org/view.php?id=CVE-2004-1071
01 Dec 2004 — The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. El cargador binfmt_loader (binfmt_elf.c) del kernel de Linux 2.4.x a 2.4.27, y 2.6.x a 2.6.8 no maneja adecuadamente una llamada fallida a la función nmap, lo que produce una imagen incorrectamente mapeada y puede permitir a usuarios locales ejecutar código de su... • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 9.1EPSS: 14%CPEs: 124EXPL: 0CVE-2004-0883
https://notcve.org/view.php?id=CVE-2004-0883
01 Dec 2004 — Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header siz... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 52EXPL: 0CVE-2004-0986
https://notcve.org/view.php?id=CVE-2004-0986
19 Nov 2004 — Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers. • http://rpmfind.net/linux/RPM/suse/updates/9.2/i386/rpm/i586/iptables-1.2.11-4.2.i586.html •
CVSS: 5.5EPSS: 0%CPEs: 120EXPL: 0CVE-2004-0814
https://notcve.org/view.php?id=CVE-2004-0814
28 Oct 2004 — Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. Múltiples condiciones de carrera en la capa de terminal de Linux kernel 2.4.x y 2.6.x anteriores a 2.6.9... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672 •
CVSS: 5.5EPSS: 0%CPEs: 206EXPL: 0CVE-2004-0685
https://notcve.org/view.php?id=CVE-2004-0685
26 Oct 2004 — Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. Ciertos controladores USB en el kernel de Linux 2.4 usa la función copy_to_user con structuras no inicializadas, lo que podría permitir a usuarios locales obtener información sensible leyendo memoria que no ha sido borrada desde el uso anterior. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127921 •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 1CVE-2004-0816 – Linux Kernel 2.6.x - IPTables Logging Rules Integer Underflow Remote (PoC)
https://notcve.org/view.php?id=CVE-2004-0816
26 Oct 2004 — Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. Vaciamiento de enteros en las reglas de registro del cortafuegos de iptables en Linux anteriores a 2.6.8 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante un paquete IP malformado. • https://www.exploit-db.com/exploits/24696 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.1EPSS: 0%CPEs: 87EXPL: 1CVE-2004-0415 – Linux Kernel 2.4.26 - File Offset Pointer Handling Memory Disclosure
https://notcve.org/view.php?id=CVE-2004-0415
05 Aug 2004 — Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory. • https://www.exploit-db.com/exploits/375 •
CVSS: 7.8EPSS: 0%CPEs: 156EXPL: 0CVE-2004-0658
https://notcve.org/view.php?id=CVE-2004-0658
13 Jul 2004 — Integer overflow in the hpsb_alloc_packet function (incorrectly reported as alloc_hpsb_packet) in IEEE 1394 (Firewire) driver 2.4 and 2.6 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via the functions (1) raw1394_write, (2) state_connected, (3) handle_remote_request, or (4) hpsb_make_writebpacket. • http://marc.info/?l=bugtraq&m=108793792820740 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0447
https://notcve.org/view.php?id=CVE-2004-0447
09 Jul 2004 — Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. Vulnerabilidad desconocida en Linux para IA64 anteriores a 2.4.26 permite a usuarios locales causar una denegación de servicio, con impacto desconocido. • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •