CVSS: 9.8EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0826
https://notcve.org/view.php?id=CVE-2004-0826
02 Sep 2004 — Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. • http://marc.info/?l=bugtraq&m=109351293827731&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 252EXPL: 0CVE-2004-0079
https://notcve.org/view.php?id=CVE-2004-0079
18 Mar 2004 — The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 252EXPL: 0CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
18 Mar 2004 — OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt •
CVSS: 7.5EPSS: 0%CPEs: 245EXPL: 0CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
18 Mar 2004 — The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una dene... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2004-1764
https://notcve.org/view.php?id=CVE-2004-1764
14 Jan 2004 — Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. • http://www.ciac.org/ciac/bulletins/o-057.shtml •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2003-1087
https://notcve.org/view.php?id=CVE-2003-1087
31 Dec 2003 — Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. • http://marc.info/?l=bugtraq&m=109292319608851&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 3CVE-2003-1097 – HP-UX 10.x/11.x - RExec Remote 'Username' Flag Local Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-1097
31 Dec 2003 — Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. • https://www.exploit-db.com/exploits/22552 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1099
https://notcve.org/view.php?id=CVE-2003-1099
31 Dec 2003 — shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. • http://secunia.com/advisories/10339 •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2003-1356
https://notcve.org/view.php?id=CVE-2003-1356
31 Dec 2003 — The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. • http://archives.neohapsis.com/archives/hp/2003-q1/0009.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-2003-1358 – HP-UX 10.x - rs.F3000 Unauthorized Access
https://notcve.org/view.php?id=CVE-2003-1358
31 Dec 2003 — rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. • https://www.exploit-db.com/exploits/22248 • CWE-264: Permissions, Privileges, and Access Controls •