CVSS: 10.0EPSS: 33%CPEs: 98EXPL: 1CVE-2004-1137 – Linux Kernel 2.4.22-28/2.6.9 - 'igmp.c' Local Denial of Service
https://notcve.org/view.php?id=CVE-2004-1137
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. • https://www.exploit-db.com/exploits/686 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000930 http://isec.pl/vulnerabilities/isec-0018-igmp.txt http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.novell.com/linux/security/advisories/2004_44_kernel.html http://www.redhat.com/support/errata/RHSA-2005-092.html https://bugzilla.fedora.us/show_bug.cgi?id=2336 https://exchange.xforce. •
CVSS: 10.0EPSS: 3%CPEs: 22EXPL: 0CVE-2004-1067
https://notcve.org/view.php?id=CVE-2004-1067
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username. Error de fuera-por-uno en la función myasl_canon_user en Cyrus IMAP Server 2.2.9 y anteriores conduce a un desbordamiento de búfer, lo que puede permitir a atacantes remotos ejecutar código de su elección mediante el nombre de usuario. • http://asg.web.cmu.edu/cyrus/download/imapd/changes.html http://www.securityfocus.com/bid/11738 https://exchange.xforce.ibmcloud.com/vulnerabilities/18333 https://www.ubuntu.com/usn/usn-37-1 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-1063
https://notcve.org/view.php?id=CVE-2004-1063
PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safe_mode_exec_dir restrictions and execute commands outside of the intended safe_mode_exec_dir via shell metacharacters in the current directory name. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. ** RECHAZADA ** No usar este número de candidata. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000915 http://www.gentoo.org/security/en/glsa/glsa-200412-14.xml http://www.hardened-php.net/advisories/012004.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:151 http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 http://www.osvdb.org/12412 http://www.php.net/release_4_3_10.php http://www.securityfocus.com/advisories/9028 http://www.securityfocus.com/archive/1/384545 http://www&# •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2004-1064
https://notcve.org/view.php?id=CVE-2004-1064
The safe mode checks in PHP 4.x to 4.3.9 and PHP 5.x to 5.0.2 truncate the file path before passing the data to the realpath function, which could allow attackers to bypass safe mode. NOTE: this issue was originally REJECTed by its CNA before publication, but that decision is in active dispute. This candidate may change significantly in the future as a result of further discussion. ** RECHAZADA ** No usar este número de candidata. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000915 http://www.gentoo.org/security/en/glsa/glsa-200412-14.xml http://www.hardened-php.net/advisories/012004.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:151 http://www.mandriva.com/security/advisories?name=MDKSA-2005:072 http://www.php.net/release_4_3_10.php http://www.securityfocus.com/advisories/9028 http://www.securityfocus.com/archive/1/384545 http://www.securityfocus.com/bid/11964 https: •
CVSS: 7.2EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1151
https://notcve.org/view.php?id=CVE-2004-1151
Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges. • http://linux.bkbits.net:8080/linux-2.6/cset%401.2079 http://linux.bkbits.net:8080/linux-2.6/gnupatch%4041ae6af1cR3mJYlW6D8EHxCKSxuJiQ http://marc.info/?l=bugtraq&m=110306397320336&w=2 http://www.mandriva.com/security/advisories?name=MDKSA-2005:022 http://www.novell.com/linux/security/advisories/2004_44_kernel.html http://www.ussg.iu.edu/hypermail/linux/kernel/0411.3/1467.html •