CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2005-0077
https://notcve.org/view.php?id=CVE-2005-0077
29 Jan 2005 — The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a symlink attack on a temporary PID file. • http://marc.info/?l=bugtraq&m=110667936707597&w=2 •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2005-0080
https://notcve.org/view.php?id=CVE-2005-0080
19 Jan 2005 — The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285839 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2004-2154
https://notcve.org/view.php?id=CVE-2004-2154
31 Dec 2004 — CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. • http://www.cups.org/str.php?L700 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 10.0EPSS: 24%CPEs: 2EXPL: 2CVE-2004-1018 – PHP 3/4/5 - Multiple Local/Remote Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-1018
08 Dec 2004 — Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer overflow/underflow" in the unpack function. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a re... • https://www.exploit-db.com/exploits/24854 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2004-1063
https://notcve.org/view.php?id=CVE-2004-1063
08 Dec 2004 — PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. ** RECHAZADA ** No usar este ... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000915 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2004-1064
https://notcve.org/view.php?id=CVE-2004-1064
08 Dec 2004 — The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. ** RECHAZADA ** No usar este número de candidata. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000915 •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2004-1002
https://notcve.org/view.php?id=CVE-2004-1002
04 Nov 2004 — Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location. • http://www.securityfocus.com/archive/1/379450 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1CVE-1999-1572
https://notcve.org/view.php?id=CVE-1999-1572
16 Jul 1996 — cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. • http://marc.info/?l=bugtraq&m=110763404701519&w=2 •