CVSS: 7.8EPSS: 0%CPEs: 123EXPL: 0CVE-2004-1071
https://notcve.org/view.php?id=CVE-2004-1071
01 Dec 2004 — The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code. El cargador binfmt_loader (binfmt_elf.c) del kernel de Linux 2.4.x a 2.4.27, y 2.6.x a 2.6.8 no maneja adecuadamente una llamada fallida a la función nmap, lo que produce una imagen incorrectamente mapeada y puede permitir a usuarios locales ejecutar código de su... • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 5.5EPSS: 0%CPEs: 123EXPL: 1CVE-2004-1073 – Linux Kernel 2.4.27/2.6.8 - 'binfmt_elf' Executable File Read
https://notcve.org/view.php?id=CVE-2004-1073
01 Dec 2004 — The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality. La función open_exec en la funcionalidad execve (exec.c) en el kernel de Linux 2.4.x hasta 2.3.27, y 2.6.x hasta 2.6.8, permite a usuarios locales leer binarios ELF no legibles usando la funcionalidad de intérprete (PT_INTERP).. • https://www.exploit-db.com/exploits/624 •
CVSS: 7.8EPSS: 0%CPEs: 123EXPL: 0CVE-2004-1070
https://notcve.org/view.php?id=CVE-2004-1070
01 Dec 2004 — The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code. El cargador binfmt_elf (binfmt_elf.c) del kernel de Linux 2.4x a 2.4.27, y 2.6.x a 2.6.8 no verifica adecuadamente los valores de retorno de llamadas a la función kernel_read, lo que puede permitir a usu... • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 9.1EPSS: 19%CPEs: 124EXPL: 0CVE-2004-0883
https://notcve.org/view.php?id=CVE-2004-0883
01 Dec 2004 — Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header siz... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 124EXPL: 0CVE-2004-0949
https://notcve.org/view.php?id=CVE-2004-0949
01 Dec 2004 — The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. La función smb_recv_trans2 en el sistema de ficheros samba (smbfs) en los kernel de Linux 2.4 y 2.6 no maneja adecuadamente el reensamblaje de pa... • http://marc.info/?l=bugtraq&m=110072140811965&w=2 •
CVSS: 7.0EPSS: 0%CPEs: 79EXPL: 0CVE-2004-1068
https://notcve.org/view.php?id=CVE-2004-1068
01 Dec 2004 — A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. Un error de "falta de serialización" en la función unix_dgram_recvmsg en Linux 2.4.27 y anteriores, y 2.6.x hasta 2.6.9, permite a usurios locales ganar privilegios aprovechando una condición de carrera. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 5.5EPSS: 0%CPEs: 123EXPL: 2CVE-2004-1074 – Linux Kernel 2.4.x/2.6.x - Local Denial of Service / Memory Disclosure
https://notcve.org/view.php?id=CVE-2004-1074
01 Dec 2004 — The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary. La funcionalidad binfmt en el kernel de linux, cuando está establecido memory overcommit, permite a usuarios locales causar una denegación de servicio (kernel oops) mediante un binario a.out malformado. • https://www.exploit-db.com/exploits/24777 •
CVSS: 10.0EPSS: 33%CPEs: 27EXPL: 0CVE-2004-0882
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 6.5EPSS: 6%CPEs: 30EXPL: 1CVE-2004-0930
https://notcve.org/view.php?id=CVE-2004-0930
19 Nov 2004 — The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 9.8EPSS: 17%CPEs: 74EXPL: 0CVE-2004-0803
https://notcve.org/view.php?id=CVE-2004-0803
26 Oct 2004 — Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files. Múltiples vulnerabilidades en los decodificadores RLE (run length encoding) de libtiff 3.6.1 y anteriores, relacionadas con desbordamientos de enteros y de búfer, permite a atacantes remotos ejecutar código arbitrario mediante ficheros TIFF. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000888 •