CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 2CVE-2004-0953 – Jabber Server 2.0 - Multiple Remote Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-0953
Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username. Desbordamiento de búfer en el módulo C2S de Jabber 2.x servidor (Jabberd) permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código de su elección mediante un nombre de usuario largo. • https://www.exploit-db.com/exploits/24770 http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029346.html http://marc.info/?l=bugtraq&m=110144303826709&w=2 http://www.securityfocus.com/bid/11741 https://exchange.xforce.ibmcloud.com/vulnerabilities/18238 •
CVSS: 10.0EPSS: 96%CPEs: 2EXPL: 2CVE-2004-0541 – Squid - NTLM (Authenticated) Overflow
https://notcve.org/view.php?id=CVE-2004-0541
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). Desbordamiento de búfer en la función ntlm_check_auth (autenticación NTLM) de Squid Web Proxy Cache 2.5.x y 3.x, cuando se compila con manejadores NTLM activados, permite a atacantes remotos ejecutar código de su elección mediante una contraseña larga (variable "pass") • https://www.exploit-db.com/exploits/16847 https://www.exploit-db.com/exploits/9951 ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc http://fedoranews.org/updates/FEDORA--.shtml http://www.gentoo.org/security/en/glsa/glsa-200406-13.xml http://www.idefense.com/application/poi/display?id=107&type=vulnerabilities http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:059 http://www.redhat.com/support/errata/RHSA-2004-242.html http:/& •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2004-0401
https://notcve.org/view.php?id=CVE-2004-0401
Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. Vulnerabilidad en libtasn1 0.1.x anteriors a 0.1.2 y 0.2.x anteriores a 0.2.7, relacionada con las funciones de procesamiento sintáctico DER. • http://packages.debian.org/changelogs/pool/main/libt/libtasn1-2/libtasn1-2_0.2.13-1/changelog http://securitytracker.com/id?1010159 http://www.backports.org/changelog.html http://www.osvdb.org/15126 http://www.securityfocus.com/bid/10360 https://exchange.xforce.ibmcloud.com/vulnerabilities/16157 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2CVE-2004-1956
https://notcve.org/view.php?id=CVE-2004-1956
PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in the (1) includes/blocks directory, (2) pnadodb directory, (3) NS-NewUser module, (4) NS-Your_Account, (5) NS-LostPassword module, or (6) NS-User module which reveals the path to the web server in a PHP error message. • http://marc.info/?l=bugtraq&m=108258902000472&w=2 http://www.securityfocus.com/bid/10191 http://www.waraxe.us/index.php?modname=sa&id=22 https://exchange.xforce.ibmcloud.com/vulnerabilities/15933 •
CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 4CVE-2004-1957 – PostNuke 0.6/0.7 Downloads Module - TTitle Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-1957
Multiple cross-site scripting (XSS) vulnerabilities in PostNuke 0.726 allows remote attackers to inject arbitrary web script or HTML via the (1) lid and query parameters to the Downloads module, (2) query parameter to the Web_links module, or (3) hlpfile parameter to openwindow.php. • https://www.exploit-db.com/exploits/22997 https://www.exploit-db.com/exploits/24037 http://marc.info/?l=bugtraq&m=108258902000472&w=2 http://www.securityfocus.com/bid/10191 http://www.waraxe.us/index.php?modname=sa&id=22 https://exchange.xforce.ibmcloud.com/vulnerabilities/15934 •