CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0653
https://notcve.org/view.php?id=CVE-2004-0653
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by reading log files. Solaris 9, cuando se configura como cliente Kerberos con parche 112908-12 o 115168-03 y usando pam_krd5 como módulo "auth" con la característica de depuración activada, registra contraseñas en texto plano, lo que podría permitir a usuarios locales ganar las contraseñas de otros usuarios leyendo ficheros de registro de sucesos (log). • http://secunia.com/advisories/11940 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101519-1 http://www.ciac.org/ciac/bulletins/o-172.shtml http://www.kb.cert.org/vuls/id/523710 http://www.securityfocus.com/bid/10606 https://exchange.xforce.ibmcloud.com/vulnerabilities/16450 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2065 https://oval.cisecurity.org/repository/searc •
CVSS: 7.2EPSS: 0%CPEs: 18EXPL: 0CVE-2004-0496
https://notcve.org/view.php?id=CVE-2004-0496
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. Multiples vulnerabilidades desconocidas en el kernel 2.6 de Linux permite a usuarios locales ganar privilegios o acceder a memoria del kernel, un grupo de vulerabilidades distinto de los identificado por CAN-2004-0495, como se ha encontrado con la herramienta de comprobación de código fuente Sparse • http://www.novell.com/linux/security/advisories/2004_20_kernel.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16625 •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1346
https://notcve.org/view.php?id=CVE-2004-1346
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM. • http://secunia.com/advisories/12104 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57598-1&searchclause=security http://www.auscert.org.au/render.html?it=4253 http://www.kb.cert.org/vuls/id/390742 http://www.securityfocus.com/bid/10747 https://exchange.xforce.ibmcloud.com/vulnerabilities/16729 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3465 •
CVSS: 10.0EPSS: 26%CPEs: 31EXPL: 0CVE-2004-0523
https://notcve.org/view.php?id=CVE-2004-0523
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root. Múltiples desbordamientos de búfer en krb5_aname_to_localname en MIT Kerberos 5 (krb5) 1.3.3 y anteriores permite a atacantes remtos ejecutar código de su elección como root • ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000860 http://lwn.net/Articles/88206 http://marc.info/?l=bugtraq&m=108612325909496&w=2 http://marc.info/?l=bugtraq&m=108619161815320&w=2 http://marc.info/?l=bugtraq&m=108619250923790&w=2 http://sunsolve.sun.com/search/document.do? •
CVSS: 5.0EPSS: 1%CPEs: 5EXPL: 0CVE-2004-1354
https://notcve.org/view.php?id=CVE-2004-1354
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information in conjunction with a directory traversal (..) attack. • http://secunia.com/advisories/11616 http://spoofed.org/files/text/solaris-smc-advisory.txt http://sunsolve.sun.com/search/document.do?assetkey=1-26-57559-1&searchclause=%22category:security%22%20%20111313-02 http://www.auscert.org.au/render.html?it=4105 http://www.derkeiler.com/Mailing-Lists/securityfocus/focus-sun/2003-10/0032.html http://www.osvdb.org/displayvuln.php?osvdb_id=6119 http://www.securityfocus.com/bid/10349 http://www.securityfocus.com/bid/8873 https://exchange& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •