CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0653
https://notcve.org/view.php?id=CVE-2004-0653
13 Jul 2004 — Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. Solaris 9, cuando se configura como cliente Kerberos con parche 112908-12 o 115168-03 y usando pam_krd5 como módulo "auth" con la característica de depuración activada, registra contraseñas en texto plano, lo que podría permitir a usuarios loca... • http://secunia.com/advisories/11940 •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2004-0496
https://notcve.org/view.php?id=CVE-2004-0496
06 Jul 2004 — Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. Multiples vulnerabilidades desconocidas en el kernel 2.6 de Linux permite a usuarios locales ganar privilegios o acceder a memoria del kernel, un grupo de vulerabilidades distinto de los identificado por CAN-2004-0495, como se ha encontrado con la herramienta de comprobac... • http://www.novell.com/linux/security/advisories/2004_20_kernel.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1346
https://notcve.org/view.php?id=CVE-2004-1346
19 Jun 2004 — The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM. • http://secunia.com/advisories/12104 •
CVSS: 10.0EPSS: 25%CPEs: 31EXPL: 0CVE-2004-0523
https://notcve.org/view.php?id=CVE-2004-0523
03 Jun 2004 — Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. Múltiples desbordamientos de búfer en krb5_aname_to_localname en MIT Kerberos 5 (krb5) 1.3.3 y anteriores permite a atacantes remtos ejecutar código de su elección como root • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2004-1354
https://notcve.org/view.php?id=CVE-2004-1354
14 May 2004 — The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. • http://secunia.com/advisories/11616 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 20EXPL: 8CVE-2004-0230 – TCP Connection Reset - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-0230
05 May 2004 — TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP. TCP, cuando se usa un tamaño de ventana de transmisión grande, hace más fácil a atacantes remotos adivinar números de secuencia y causar una denegación de servicio (pérdida de la conexión) en conexiones TCP persistentes in... • https://www.exploit-db.com/exploits/291 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1356
https://notcve.org/view.php?id=CVE-2004-1356
23 Apr 2004 — Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors. • http://secunia.com/advisories/11457 •
CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0CVE-2004-1357
https://notcve.org/view.php?id=CVE-2004-1357
07 Apr 2004 — The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities. • http://secunia.com/advisories/11316 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2004-0360 – Solaris 8/9 passwd - 'circ()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0360
18 Mar 2004 — Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors. • https://www.exploit-db.com/exploits/715 •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1358
https://notcve.org/view.php?id=CVE-2004-1358
12 Mar 2004 — The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-57478-1&searchclause=%22category:security%22%20%20114332-08 •