Trustix

Secure Linux

65 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2004-0565

  • EPSS 0.07%
  • Published 06.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1

CVE-2004-0415

  • EPSS 0.3%
  • Published 23.11.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory.

5

CVE-2004-0809

Exploit
  • EPSS 14.84%
  • Published 16.09.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access.

7.5

CVE-2004-0801

  • EPSS 2.55%
  • Published 16.09.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Unknown vulnerability in foomatic-rip in Foomatic before 3.0.2 allows local users or remote attackers with access to CUPS to execute arbitrary commands.

7.5

CVE-2004-0432

  • EPSS 1.24%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.

5

CVE-2004-0421

  • EPSS 2.46%
  • Published 18.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

6.4

CVE-2004-0493

Exploit
  • EPSS 89.5%
  • Published 06.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header...

10

CVE-2004-0600

  • EPSS 59.61%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.

5.1

CVE-2004-0594

  • EPSS 83.47%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of...

6.8

CVE-2004-0595

Exploit
  • EPSS 54.88%
  • Published 27.07.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore...