LiveActive security incident?Get immediate response
CVE archive

September 2004

Browse CVE records published in September 2004, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 162 matching CVEs · Page 3 of 4.

Unknown · CVSS Not scored

CVE-2004-0193: Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSe...

Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Server Protection 3.6, allows remote attackers to execute arbitrary code via an SMB packet containing an authentication request with a long username.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0114: The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and e...

The shmat system call in the System V Shared Memory interface for FreeBSD 5.2 and earlier, NetBSD 1.3 and earlier, and OpenBSD 2.6 and earlier, does not properly decrement a shared memory segment's reference count when the vm_map_find function fails, which could allow local users to gain read or write access to a portion of kernel memory and gain privileges.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-0077: The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2,...

The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local users to gain root privileges, a different vulnerability than CAN-2003-0985.

Published Sep 1, 2004 · Updated Aug 8, 2024