CVSS: 6.4EPSS: 96%CPEs: 16EXPL: 3CVE-2004-0493 – Apache - Arbitrary Long HTTP Headers Denial of Service
https://notcve.org/view.php?id=CVE-2004-0493
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters. La función ap_get_mime_headers_core de Apache httpd 2.0.49 permite a atacantes remotos causar una denegación de servicio (consumición de memoria) y posiblemente un error de entero sin signo que conduce a un desbordamiento de búfer basado en el montón en en sistemas de 64 bits, mediante líneas de cabecera largas con muchos caractéres espacio o tabulador. • https://www.exploit-db.com/exploits/371 https://www.exploit-db.com/exploits/360 http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/023133.html http://marc.info/?l=bugtraq&m=108853066800184&w=2 http://marc.info/?l=bugtraq&m=109181600614477&w=2 http://security.gentoo.org/glsa/glsa-200407-03.xml http://www.apacheweek.com/features/security-20 http://www.guninski.com/httpd1.html http://www.mandriva.com/security/advisories?name=MDKSA-2004:064 http://www.r •
CVSS: 2.1EPSS: 0%CPEs: 93EXPL: 0CVE-2004-0535
https://notcve.org/view.php?id=CVE-2004-0535
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un "desbordamiento de búfer". • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 http://lwn.net/Articles/91155 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log http://www.mandriva.com/security/advisories?name=MDKSA-2004:062 http://www.novell.com/linux/security/advisories/2004_20_kern •
CVSS: 7.2EPSS: 0%CPEs: 112EXPL: 3CVE-2004-0077 – Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0077
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. La función do_remap en mremap de Linux 2.2 a 2.2.25, 2.4 a 2.4.24, y 2.6 a 2.6.2 no comprueba adecuadamente el valor devuelto por la función do_munmap cuando se excede el número máximo de descriptores VMA, lo que permite a usuarios locales ganar privilegios de root, una vulnerabilidad distinta de CAN-2004-0985. A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2. • https://www.exploit-db.com/exploits/160 https://www.exploit-db.com/exploits/154 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0040.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820 http://fedoranews.org/updates/FEDORA-2004-079.shtml http://frontal2.mandriva.com/security/advisories?name=MDKSA-2004:015 http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt http://marc.info/?l=bugtraq&m=107711762014175&w=2 http://marc.info/?l=bugtraq&m=10771 •
CVSS: 7.5EPSS: 35%CPEs: 31EXPL: 0CVE-2003-0962
https://notcve.org/view.php?id=CVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. Desbordamiento de búfer en el montón en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar código arbitrario y posiblemente escapar del confinamiento chroot. • ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794 http://marc.info/?l=bugtraq&m=107055681311602&w=2 http://marc.info/?l=bugtraq&m=107055684711629&w=2 http://marc.info/?l=bugtraq&m=107055702911867&w=2 http://marc.info/? •
CVSS: 2.1EPSS: 0%CPEs: 31EXPL: 0CVE-2002-1319
https://notcve.org/view.php?id=CVE-2002-1319
The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. El kernel de Linux 2.4.20 y anteriores, y 2.5.x, cuando se ejecuta en sistemas x86, permite a usuarios locales causar una denegación de servicio (cuelgue) mediante el modo de emulación, que no borra adecuadamente los marcadores (flags) TF y NT EFLAGs. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553 http://marc.info/?l=bugtraq&m=103714004623587&w=2 http://marc.info/?l=bugtraq&m=103737292709297&w=2 http://rhn.redhat.com/errata/RHSA-2002-262.html http://rhn.redhat.com/errata/RHSA-2002-264.html http://www.redhat.com/support/errata/RHSA-2002-263.html http://www.securityfocus.com/bid/6115 https://exchange.xforce.ibmcloud.com/vulnerabilities/10576 https://access.redhat.com/security/cve/CVE-2002-1319 h •