CVSS: 9.1EPSS: 1%CPEs: 28EXPL: 2CVE-2004-2044 – PHP-Nuke 5.x/6.x/7.x - Direct Script Access Security Bypass
https://notcve.org/view.php?id=CVE-2004-2044
01 Jun 2004 — PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. • https://www.exploit-db.com/exploits/24166 •
CVSS: 9.1EPSS: 1%CPEs: 11EXPL: 0CVE-2004-0432
https://notcve.org/view.php?id=CVE-2004-0432
05 May 2004 — ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. ProFTPD 1.2.9 trata las directivas Permitir y Denegar para ACLS basadas en CIDR como si fueran AllowAll (Permitir Todo), lo que podría permitir a clientes FTP saltarse las restricciones de acceso pretendidas. • http://bugs.proftpd.org/show_bug.cgi?id=2267 •
CVSS: 6.5EPSS: 2%CPEs: 26EXPL: 0CVE-2004-0421 – CAN-2004-0421 libpng can access out of bounds memory
https://notcve.org/view.php?id=CVE-2004-0421
05 May 2004 — The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. La librería de Graficos de Red Portables (libpng) 1.0.15 y anteriores permiten a atacantes causar una denegación de servicio (caída) mediante un fichero de imagen PNG que dispara un error que causa un lectura fuera de límites cuando se crea el mensaje de error. • http://lists.apple.com/mhonarc/security-announce/msg00056.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 112EXPL: 3CVE-2004-0077 – Linux Kernel 2.2.25/2.4.24/2.6.2 - 'mremap()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-0077
03 Mar 2004 — The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985. La función do_remap en mremap de Linux 2.2 a 2.2.25, 2.4 a 2.4.24, y 2.6 a 2.6.2 no comprueba adecuadamente el valor devuelto por la función do_munmap cuando se excede el número máximo... • https://www.exploit-db.com/exploits/160 •
CVSS: 5.5EPSS: 0%CPEs: 31EXPL: 0CVE-2002-1319
https://notcve.org/view.php?id=CVE-2002-1319
11 Dec 2002 — The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. El kernel de Linux 2.4.20 y anteriores, y 2.5.x, cuando se ejecuta en sistemas x86, permite a usuarios locales causar una denegación de servicio (cuelgue) mediante el modo de emulación, que no borra adecuadamente los marcadores (flags) TF y NT EFLAGs. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553 •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
15 Mar 2002 — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 • CWE-193: Off-by-one Error •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2001-1030
https://notcve.org/view.php?id=CVE-2001-1030
18 Jul 2001 — Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html •
CVSS: 5.5EPSS: 0%CPEs: 19EXPL: 1CVE-2001-0169 – GLIBC 2.1.3 - 'LD_PRELOAD' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2001-0169
26 Mar 2001 — When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. • https://www.exploit-db.com/exploits/290 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2001-0117
https://notcve.org/view.php?id=CVE-2001-0117
12 Mar 2001 — sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2000-70-028-01 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2001-0142
https://notcve.org/view.php?id=CVE-2001-0142
12 Mar 2001 — squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://archives.neohapsis.com/archives/bugtraq/2001-01/0212.html •