CVSS: 5.5EPSS: 0%CPEs: 22EXPL: 1CVE-2004-0497 – Linux Kernel < 2.6.7-rc3 (Slackware 9.1 / Debian 3.0) - 'sys_chown()' Group Ownership Alteration Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0497
06 Jul 2004 — Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. Vulnerabilidad desconocida en el kernel 2.x de Linux puede permitir a usuarios locales modificar el ID de grupo de ficheros, como ficheros exportados con NFS en kernel 2.4. • https://www.exploit-db.com/exploits/718 •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2004-0581
https://notcve.org/view.php?id=CVE-2004-0581
23 Jun 2004 — ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp. El script ksymoops-gznm en Mandrake Linux 9.1 a 10.0, y Corporate Server 2.1 permite a usuarios locales borrar ficheros arbitrarios mediante un ataque de enlaces simbólicos en /tmp. • http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:060 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-0587
https://notcve.org/view.php?id=CVE-2004-0587
23 Jun 2004 — Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service. Permisos inseguros en el fichero /proc/scsi/qla2300/HbaApiNode en Linux permite a usuarios locales causar una denegación de servicio. • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 7.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
08 Jun 2004 — The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otra... • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1180
https://notcve.org/view.php?id=CVE-2004-1180
16 Feb 2004 — Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). • http://secunia.com/advisories/14309 •
CVSS: 4.7EPSS: 0%CPEs: 27EXPL: 1CVE-2003-0462 – Linux Kernel 2.4 - SUID 'execve()' System Call Race Condition Executable File Read
https://notcve.org/view.php?id=CVE-2003-0462
25 Jul 2003 — A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). Una condición de carrera en la manera que los punteros env_start y env_end son inicializados en la llamada al sistema execve y usada en fs/proc/base.c en Linux 2.4 permite a usuarios locales causar una denegación de servicio (caída). • https://www.exploit-db.com/exploits/22840 •
CVSS: 9.8EPSS: 25%CPEs: 14EXPL: 1CVE-2003-0434 – Adobe Acrobat Reader (UNIX) 5.0 6 / Xpdf 0.9x Hyperlinks - Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2003-0434
18 Jun 2003 — Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido. • https://www.exploit-db.com/exploits/22771 •
CVSS: 7.0EPSS: 0%CPEs: 29EXPL: 0CVE-2002-0638
https://notcve.org/view.php?id=CVE-2002-0638
12 Aug 2002 — setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se mo... • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
15 Mar 2002 — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 • CWE-193: Off-by-one Error •
CVSS: 9.1EPSS: 7%CPEs: 16EXPL: 0CVE-2001-1449
https://notcve.org/view.php?id=CVE-2001-1449
28 Nov 2001 — The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. • http://www.kb.cert.org/vuls/id/913704 •