CVSS: 7.1EPSS: 1%CPEs: 111EXPL: 1CVE-2004-1471 – CVS 1.11.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. • https://www.exploit-db.com/exploits/24182 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html http://security.e-matters.de/advisories/092004.html http://www.securityfocus.com/bid/10499 https://exchange.xforce.ibmcloud.com/vulnerabilities/16365 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2760
https://notcve.org/view.php?id=CVE-2004-2760
sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability. • http://archive.cert.uni-stuttgart.de/bugtraq/2004/04/msg00162.html http://securityreason.com/securityalert/4100 http://www.securityfocus.com/archive/1/360198 • CWE-16: Configuration •
CVSS: 2.1EPSS: 0%CPEs: 3EXPL: 0CVE-2004-2230
https://notcve.org/view.php?id=CVE-2004-2230
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket. • http://secunia.com/advisories/13443 http://securitytracker.com/id?1012511 http://www.openbsd.org/errata36.html http://www.osvdb.org/12400 http://www.securityfocus.com/bid/11928 https://exchange.xforce.ibmcloud.com/vulnerabilities/18486 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-2338
https://notcve.org/view.php?id=CVE-2004-2338
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions. • http://www.openbsd.org/errata33.html http://www.openbsd.org/errata34.html http://www.securityfocus.com/bid/9867 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2004-1799
https://notcve.org/view.php?id=CVE-2004-1799
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces. • http://marc.info/?l=full-disclosure&m=107331321302113&w=2 http://www.osvdb.org/19105 http://www.securityfocus.com/bid/9362 •