CVE-2004-0390
- EPSS 2.58%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:32
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
CVE-2004-0512
- EPSS 0.45%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:47
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.
CVE-2004-0511
- EPSS 0.95%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:47
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
CVE-2004-0510
- EPSS 1.48%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:05:46
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
- EPSS 10.42%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:04:57
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a ...
- EPSS 7.23%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:04:53
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVE-2004-0079
- EPSS 9.54%
- Veröffentlicht 23.11.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:04:53
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVE-2004-1082
- EPSS 7.58%
- Veröffentlicht 03.02.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:59
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
CVE-2004-1124
- EPSS 0.34%
- Veröffentlicht 14.01.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:04
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
CVE-2003-0872
- EPSS 0.29%
- Veröffentlicht 17.11.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:07
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.