CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2004-2163
https://notcve.org/view.php?id=CVE-2004-2163
login_radius on OpenBSD 3.2, 3.5, and possibly other versions does not verify the shared secret in a response packet from a RADIUS server, which allows remote attackers to bypass authentication by spoofing server replies. • http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0058.html http://secunia.com/advisories/12617 http://www.openbsd.org/errata35.html#radius http://www.osvdb.org/10203 http://www.reseau.nl/advisories/0400-openbsd-radius.txt http://www.securityfocus.com/bid/11227 https://exchange.xforce.ibmcloud.com/vulnerabilities/17456 •
CVSS: 5.0EPSS: 7%CPEs: 2EXPL: 0CVE-2004-2069
https://notcve.org/view.php?id=CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption). • http://marc.info/?l=openssh-unix-dev&m=107520317020444&w=2 http://marc.info/?l=openssh-unix-dev&m=107529205602320&w=2 http://rhn.redhat.com/errata/RHSA-2005-550.html http://secunia.com/advisories/17000 http://secunia.com/advisories/17135 http://secunia.com/advisories/17252 http://secunia.com/advisories/22875 http://secunia.com/advisories/23680 http://support.avaya.com/elmodocs2/security/ASA-2005-216.pdf http://support.avaya.com/elmodocs2/security/ASA-2005-223.pdf •
CVSS: 7.5EPSS: 36%CPEs: 23EXPL: 0CVE-2004-0688 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0688
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file. Múltiples desbordamientos de búfer en xpmParseColors en parse.c de libXpm anteriores a 6.8.1 permite a atacantes remotos ejecutar código arbitrario mediante un fichero de imagen XPM malformado. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924 http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://marc.info/?l=bugtraq&m=109530851323415&w=2 http://scary.beasts.org/security/CESA-2004-003.txt http://secunia.com/advisories/20235 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57653-1 http://www.debian.org/security/2004/dsa-560 http:&# •
CVSS: 7.5EPSS: 42%CPEs: 23EXPL: 0CVE-2004-0687 – openmotif21 stack overflows in libxpm
https://notcve.org/view.php?id=CVE-2004-0687
Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file. Múltiples desbordamientos de búfer basados en la pila en (1) xpmParseColors en parse.c, (2) ParseAndPutPixels en create.c, y (3) ParsePixels en parse.c de libXpm anteriores a 6.8.1 permite a atacantes remotos ejecutar código de su elección mediante una imagen XPM malformada. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000924 http://ftp.x.org/pub/X11R6.8.0/patches/README.xorg-CAN-2004-0687-0688.patch http://lists.apple.com/archives/security-announce/2005/May/msg00001.html http://marc.info/?l=bugtraq&m=109530851323415&w=2 http://packetstormsecurity.com/files/170620/Solaris-10-dtprintinfo-libXm-libXpm-Security-Issues.html http://scary.beasts.org/security/CESA-2004-003.txt http://secunia.com/advisories/20235 http://sunsolve.sun.com/search&# •
CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-0257
https://notcve.org/view.php?id=CVE-2004-0257
OpenBSD 3.4 and NetBSD 1.6 and 1.6.1 allow remote attackers to cause a denial of service (crash) by sending an IPv6 packet with a small MTU to a listening port and then issuing a TCP connect to that port. OpenBSD 3.4 y NetBSD 1.6 y 1.6.1 permiten a atacantes remotos causar una denegación de servicio (caida) enviand un paquete IPv6 con una MTU pequeña a un puerto en escucha y a continuación un conectar TCP a ese puerto. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-002.txt.asc http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/016704.html http://marc.info/?l=bugtraq&m=107604603226564&w=2 http://www.guninski.com/obsdmtu.html http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet6/ip6_output.c http://www.osvdb.org/3825 http://www.securityfocus.com/bid/9577 https://exchange.xforce.ibmcloud.com/vulnerabilities/15044 •