
CVE-2004-0716
https://notcve.org/view.php?id=CVE-2004-0716
27 Jul 2004 — Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data. Desbordamiento de búfer en el demonio DCE (DCED) del mapeador de punto final (epmap) de HP-UX 11 permite a atacantes remotos ejecutar código arbitrario mediante una petición con una longitud de fragmento pequeña y una cantidad de datos grande. • http://support.entegrity.com/private/patches/dce/ssrt4741.asp •

CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •

CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •

CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •

CVE-2004-1764
https://notcve.org/view.php?id=CVE-2004-1764
14 Jan 2004 — Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. • http://www.ciac.org/ciac/bulletins/o-057.shtml •

CVE-2003-1087
https://notcve.org/view.php?id=CVE-2003-1087
31 Dec 2003 — Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. • http://marc.info/?l=bugtraq&m=109292319608851&w=2 •

CVE-2003-1356
https://notcve.org/view.php?id=CVE-2003-1356
31 Dec 2003 — The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. • http://archives.neohapsis.com/archives/hp/2003-q1/0009.html • CWE-264: Permissions, Privileges, and Access Controls •

CVE-2003-1362
https://notcve.org/view.php?id=CVE-2003-1362
31 Dec 2003 — Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. • http://archives.neohapsis.com/archives/hp/2003-q1/0033.html • CWE-16: Configuration •

CVE-2003-1374
https://notcve.org/view.php?id=CVE-2003-1374
31 Dec 2003 — Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. • http://archives.neohapsis.com/archives/bugtraq/2003-02/0156.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2003-1099
https://notcve.org/view.php?id=CVE-2003-1099
31 Dec 2003 — shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. • http://secunia.com/advisories/10339 •