
CVSS: 7.5 | EPSS: 0% | CPEs: 20 | EXPL: 3

SQL injection vulnerability in auth_login.php in Cacti 0.8.5a allows remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) password parameters. • https://www.exploit-db.com/exploits/24375 http://lists.grok.org.uk/pipermail/full-disclosure/2004-August/025376.html http://marc.info/?l=bugtraq&m=109272483621038&w=2 http://secunia.com/advisories/12308 http://www.gentoo.org/security/en/glsa/glsa-200408-21.xml http://www.securityfocus.com/bid/10960 https://exchange.xforce.ibmcloud.com/vulnerabilities/17011 •

CVSS: 7.5 | EPSS: 9% | CPEs: 34 | EXPL: 0

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c in Gaim before 0.83 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled by a strncpy call. • http://gaim.sourceforge.net/security/?id=0 http://www.fedoranews.org/updates/FEDORA-2004-278.shtml http://www.fedoranews.org/updates/FEDORA-2004-279.shtml http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081 http://www.novell.com/linux/security/advisories/2004_25_gaim.html http://www.redhat.com/support/errata/RHSA-2004-400.html ht •

CVSS: 10.0 | EPSS: 26% | CPEs: 13 | EXPL: 3

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Multiple buffer overflows in Sound eXchange (SoX) before 12.17 allow remote attackers to execute arbitrary code via certain WAV file header fields. • https://www.exploit-db.com/exploits/374 https://www.exploit-db.com/exploits/369 http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000855 http://lwn.net/Articles/95529 http://lwn.net/Articles/95530 http://seclists.org/fulldisclosure/2004/Jul/1227.html http://secunia.com/advisories/12175 http://www.debian.org/security/2004/dsa-565 http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml h •

CVSS: 7.5 | EPSS: 90% | CPEs: 44 | EXPL: 0

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. Format string vulnerability in the ssl_log function in ssl_engine_log.c in mod_ssl 2.8.10 for Apache 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain HTTPS log messages. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 http://marc.info/?l=apache-modssl&m=109001100906749&w=2 http://marc.info/?l=bugtraq&m=109005001205991&w=2 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://virulent.siyahsapka.org http://www.debian.org/security/2004/dsa-532 http://www.kb.cert.org/vuls/id/303448 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 http://www.osvdb.org/7929 http://www.redhat. •

CVSS: 7.2 | EPSS: 0% | CPEs: 3 | EXPL: 0

Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. • http://marc.info/?l=bugtraq&m=108861182906067&w=2 http://marc.info/?l=bugtraq&m=108879977120430&w=2 http://www.rsbac.org/download/bugfixes http://www.securityfocus.com/bid/10640 https://exchange.xforce.ibmcloud.com/vulnerabilities/16552 •