CVE-2004-0171
https://notcve.org/view.php?id=CVE-2004-0171
FreeBSD 5.1 and earlier, and Mac OS X before 10.3.4, allows remote attackers to cause a denial of service (resource exhaustion of memory buffers and system crash) via a large number of out-of-sequence TCP packets, which prevents the operating system from creating new connections. FreeBSD 5.1 y anteriores permite a atacantes remotos causar una denegación de servicio (consumición de recursos de búferes de memoria) mediante un gran número de paquetes TCP fuera de secuencia, lo que impide que FreeBSD cree nuevas conexiones. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:04.tcp.asc http://lists.seifried.org/pipermail/security/2004-May/003743.html http://www.idefense.com/application/poi/display?id=78&type=vulnerabilities http://www.kb.cert.org/vuls/id/395670 http://www.osvdb.org/4124 http://www.securityfocus.com/bid/9792 https://exchange.xforce.ibmcloud.com/vulnerabilities/15369 •
CVE-2004-0106
https://notcve.org/view.php?id=CVE-2004-0106
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084. Múltiples vulnerabilidades desconocidas en XFree86 4.1.0 to 4.3.0 relacionadas con el manejo inapropiado de ficheros de fuentes, un grupo de vulnerabilidades diferente de CAN-2004-0083. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://www.debian.org/security/2004/dsa-443 http://www.mandriva.com/security/advisories?name=MDKSA-2004:012 http://www.novell.com/linux/security/advisories/2004_06_xf86.html http://www.redhat.com/support/errata/RHSA-2004-059.html http://www.redhat.com/support/errata/RHSA-2004-060.html http://www.redhat.com/support/errata/RHSA-2004-061.html http://w •
CVE-2004-0084 – XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a different vulnerability than CVE-2004-0083 and CVE-2004-0106. Desbordamiento de búfer en la función ReadFontAlias en XFree86 4.1.0 a 4.3.0, cuando se usa la función CopyISOLatin1Lowered, permite a usuarios locales o remotos autenticados ejecutar código arbitrario mediante una entrada malformada en el fichero de aliases de fuentes (font.alias), una vulnerabilidad distinta de CAN-2004-0083 y CAN-2004-0106. • https://www.exploit-db.com/exploits/23690 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 http://marc.info/?l=bugtraq&m=107662833512775&w=2 http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57768-1 http://www.debian.org/security/2004/dsa-443 http://www.idefense.com/application/poi/display? •
CVE-2004-0083 – XFree86 4.3 - Font Information File Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0083
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106. Desbordamiento de búfer en ReadFontAlias de XFree86 4.1.0 a 4.3.0 permite a usuarios locales y atacantes remotos ejecutar código arbitrario mediante un fichero de aliases de fuentes (font.alias) con un token largo, una vulnerabilidad distinta de CAN-2004-0084 y CAN-2004-0106. • https://www.exploit-db.com/exploits/23682 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 http://marc.info/?l=bugtraq&m=107644835523678&w=2 http://marc.info/?l=bugtraq&m=107653324115914&w=2 http://marc.info/?l=bugtraq&m=110979666528890&w=2 http://security.gentoo.org/glsa/glsa-200402-02.xml http://sunsolve.sun.com/search/document.do? •
CVE-2003-0955 – OpenBSD - 'ibcs2_exec' Kernel Code Execution
https://notcve.org/view.php?id=CVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow. El Kernel OpenBSD 3.3 y 3.4 permite que usuarios locales causen una denegación de servicio (kernel panic) y posiblemente ejecuten código arbitrario en 3.4 mediante un programa con una cabecera inválida. Esto no lo maneja adecuadamente en (1) bcs2_exec.c o (2) exec_elf.c, que lleva a un desbordamiento de búfer. • https://www.exploit-db.com/exploits/118 https://www.exploit-db.com/exploits/125 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013315.html http://marc.info/?l=openbsd-security-announce&m=106808820119679&w=2 http://marc.info/?l=openbsd-security-announce&m=106917441524978&w=2 http://www.guninski.com/msuxobsd2.html http://www.openbsd.org/errata33.html http://www.securityfocus.com/bid/ •