CVSS: 10.0EPSS: 10%CPEs: 23EXPL: 1CVE-2004-1012 – cryus.imap.2.2.8.txt
https://notcve.org/view.php?id=CVE-2004-1012
24 Nov 2004 — The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. El procesador de argumentos de la orden PARTIAL de Cyrus IMAP Server 2.2.6 y anteriores permite a usuarios remotos autentificados ejecutar código de su elección mediante una cierta orden ("body[p") ... • https://packetstorm.news/files/id/36883 •
CVSS: 10.0EPSS: 10%CPEs: 23EXPL: 1CVE-2004-1013 – cryus.imap.2.2.8.txt
https://notcve.org/view.php?id=CVE-2004-1013
24 Nov 2004 — The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. El procesador de argumentos de la orden FETCH de Cyrus IMAP Server 2.2.x a 2.2.8 permite a usuarios remotos autenticados ejecutar código de su elección mediante ciertos comandos como (1) "body[p", (2) "bina... • https://packetstorm.news/files/id/36883 •
CVSS: 9.1EPSS: 19%CPEs: 124EXPL: 0CVE-2004-0883 – 142004.txt
https://notcve.org/view.php?id=CVE-2004-0883
20 Nov 2004 — Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header siz... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 124EXPL: 0CVE-2004-0949 – 142004.txt
https://notcve.org/view.php?id=CVE-2004-0949
20 Nov 2004 — The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. La función smb_recv_trans2 en el sistema de ficheros samba (smbfs) en los kernel de Linux 2.4 y 2.6 no maneja adecuadamente el reensamblaje de pa... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 10.0EPSS: 33%CPEs: 27EXPL: 0CVE-2004-0882 – Trustix Secure Linux Security Advisory 2004.58
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2004-0983 – dsa-586.txt
https://notcve.org/view.php?id=CVE-2004-0983
10 Nov 2004 — The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up cpu cycles. • http://www.debian.org/security/2004/dsa-586 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1007
https://notcve.org/view.php?id=CVE-2004-1007
04 Nov 2004 — The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2004-1002
https://notcve.org/view.php?id=CVE-2004-1002
04 Nov 2004 — Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. • http://www.securityfocus.com/archive/1/379450 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 28%CPEs: 16EXPL: 2CVE-2004-0989 – Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-0989
28 Oct 2004 — Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. • https://www.exploit-db.com/exploits/24704 •