CVSS: 7.0EPSS: 0%CPEs: 147EXPL: 4CVE-2004-1235 – Linux Kernel 2.4 - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
20 Jan 2005 — Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://www.exploit-db.com/exploits/778 •
CVSS: 9.1EPSS: 0%CPEs: 97EXPL: 0CVE-2005-0003
https://notcve.org/view.php?id=CVE-2005-0003
20 Jan 2005 — The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. El soporte de ELF de 64 bits en los kernel de Linux 2.6 anteriores a 2.6.10 en arquitecturas de 64 bits no verifica adecuadamente solapamientos en asignaciones de memoria VMA (virtual memory address), lo que permite a u... • http://linux.bkbits.net:8080/linux-2.4/cset%4041c36fb6q1Z68WUzKQFjJR-40Ev3tw •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2395
https://notcve.org/view.php?id=CVE-2004-2395
31 Dec 2004 — Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2394
https://notcve.org/view.php?id=CVE-2004-2394
31 Dec 2004 — Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2396
https://notcve.org/view.php?id=CVE-2004-2396
31 Dec 2004 — passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120060 •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2004-1051
https://notcve.org/view.php?id=CVE-2004-1051
18 Nov 2004 — sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 26EXPL: 0CVE-2004-0975
https://notcve.org/view.php?id=CVE-2004-0975
20 Oct 2004 — The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136302 •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2004-0834
https://notcve.org/view.php?id=CVE-2004-0834
20 Oct 2004 — Format string vulnerability in Speedtouch USB driver before 1.3.1 allows local users to execute arbitrary code via (1) modem_run, (2) pppoa2, or (3) pppoa3. Vulnerabilidad de cadena de formato en Speedtouch USB driver anteriores a 1.3.1 permite a usuarios locales ejecutar código de su elección mediante modem_run pppoa2, o pppoa3 • http://sourceforge.net/project/showfiles.php?group_id=32758&package_id=28264&release_id=271734 •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-0565
https://notcve.org/view.php?id=CVE-2004-0565
08 Jul 2004 — Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. Fuga de información de punto flotante en el código de cambio de contexto de Linux 2.4.x sólo comprueba el bit MFH pero no verifica el propietario de FPH, lo que permite a usuarios locales leer valores de registros de otros procesos estableciendo el bit MFH. • http://archives.neohapsis.com/archives/linux/owl/2004-q2/0038.html •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2004-0496
https://notcve.org/view.php?id=CVE-2004-0496
06 Jul 2004 — Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. Multiples vulnerabilidades desconocidas en el kernel 2.6 de Linux permite a usuarios locales ganar privilegios o acceder a memoria del kernel, un grupo de vulerabilidades distinto de los identificado por CAN-2004-0495, como se ha encontrado con la herramienta de comprobac... • http://www.novell.com/linux/security/advisories/2004_20_kernel.html •