CVSS: 7.0EPSS: 0%CPEs: 79EXPL: 0CVE-2004-1068
https://notcve.org/view.php?id=CVE-2004-1068
01 Dec 2004 — A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition. Un error de "falta de serialización" en la función unix_dgram_recvmsg en Linux 2.4.27 y anteriores, y 2.6.x hasta 2.6.9, permite a usurios locales ganar privilegios aprovechando una condición de carrera. • ftp://patches.sgi.com/support/free/security/advisories/20060402-01-U •
CVSS: 4.7EPSS: 0%CPEs: 32EXPL: 0CVE-2004-1069
https://notcve.org/view.php?id=CVE-2004-1069
01 Dec 2004 — Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function. Condición de carrera en SELinux 2.6.x a 2.6.9 permite a usuarios locales causar una denegación de servicio (caída del kernel) mediante SOCK_SEQPACKET unix domain sockets, que no son manejados adecuadamente en la función sock_dgram_sendmsg. • http://marc.info/?l=bugtraq&m=110306397320336&w=2 •
CVSS: 10.0EPSS: 33%CPEs: 27EXPL: 0CVE-2004-0882
https://notcve.org/view.php?id=CVE-2004-0882
19 Nov 2004 — Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.17/SCOSA-2005.17.txt •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 0CVE-2004-0983
https://notcve.org/view.php?id=CVE-2004-0983
19 Nov 2004 — The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request. • http://www.debian.org/security/2004/dsa-586 •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2004-1007
https://notcve.org/view.php?id=CVE-2004-1007
04 Nov 2004 — The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address. • http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01 •
CVSS: 5.5EPSS: 0%CPEs: 120EXPL: 0CVE-2004-0814
https://notcve.org/view.php?id=CVE-2004-0814
28 Oct 2004 — Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. Múltiples condiciones de carrera en la capa de terminal de Linux kernel 2.4.x y 2.6.x anteriores a 2.6.9... • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131672 •
CVSS: 10.0EPSS: 30%CPEs: 16EXPL: 2CVE-2004-0989 – Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2004-0989
28 Oct 2004 — Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost. • https://www.exploit-db.com/exploits/24704 •
CVSS: 10.0EPSS: 4%CPEs: 93EXPL: 0CVE-2004-0888
https://notcve.org/view.php?id=CVE-2004-0888
26 Oct 2004 — Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889. • http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000886 •
CVSS: 10.0EPSS: 3%CPEs: 93EXPL: 0CVE-2004-0889
https://notcve.org/view.php?id=CVE-2004-0889
26 Oct 2004 — Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888. • http://marc.info/?l=bugtraq&m=109880927526773&w=2 •