LiveActive security incident?Get immediate response
CVE archive

February 2004

Browse CVE records published in February 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 413 matching CVEs · Page 1 of 9.

Unknown · CVSS Not scored

CVE-2004-2654: The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote att...

The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5.

Published Feb 24, 2006 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-1706: The U.S.

The U.S. Robotics USR808054 wireless access point allows remote attackers to cause a denial of service (device crash) and possibly execute arbitrary code via an HTTP GET request with a long version string.

Published Feb 26, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-1720: The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers...

The (1) address.html and possibly (2) calendar.html pages in Merak Mail Server 5.2.7 allow remote attackers to gain sensitive information via an invalid HTTP request, which reveals the installation path. NOTE: it is unclear whether the calendar.html is an exposure, since the path is leaked in web logs that may only be available to the administrators, who would have access to the path through legitimate means.

Published Feb 26, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-1724: The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_b...

The ReadMe First.txt file in PHP-Fusion 4.0 instructs users to set the permissions on the fusion_admin/db_backups directory to world read/write/execute (777), which allows remote attackers to download or view database backups, which have easily guessable filenames and contain the administrator username and password.

Published Feb 26, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-1714: BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and...

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3) sigs.ini and (4) protect.ini with Everyone Full Control permissions, which allows local users to cause a denial of service (crash) or modify configuration, as demonstrated by modifying firewall.ini to contain a large firewall rule.

Published Feb 26, 2005 · Updated Aug 8, 2024