Unknown · CVSS Not scored
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the monitor "memory dump" command in VICE 1.6 to 1.14 allows local users to cause a denial of service (emulator crash) and possibly execute arbitrary code via format string specifiers in an output string.
Published Jun 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
Published Jun 8, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.
Published Jun 30, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
cpr (libcpr) in SGI IRIX before 6.5.25 allows local users to gain privileges by loading a user provided library while restarting the checkpointed process.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
Published Jun 11, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.
Published Jun 3, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The syssgi SGI_IOPROBE system call in IRIX 6.5.20 through 6.5.24 allows local users to gain privileges by reading and writing to kernel memory.
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in init for IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system panic) as a result of "page invalidation issues."
Published Jun 23, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table.
Published Jun 23, 2004 · Updated Aug 8, 2024