LiveActive security incident?Get immediate response
CVE archive

2004 CVE Archive

Browse CVE records published in 2004 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 2644 matching CVEs · Page 5 of 53.

Unknown · CVSS Not scored

CVE-2004-2610: mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a...

mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2611: The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly inc...

The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2654: The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote att...

The clientAbortBody function in client_side.c in Squid Web Proxy Cache before 2.6 STABLE6 allows remote attackers to cause a denial of service (segmentation fault) via unspecified vectors that trigger a null dereference. NOTE: in a followup advisory, a researcher claimed that the issue was a buffer overflow that was not fixed in STABLE6. However, the vendor's bug report clearly shows that the researcher later retracted this claim, because the tested product was actually STABLE5.

Published Feb 24, 2006 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2613: Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and L...

Unspecified vulnerability in procfs in the Linux-VServer stable branch for the 2.4 kernel before 1.23 and Linux-VServer development branch for the 2.4 kernel before 1.3.5 has unspecified impact and attack vectors, related to "write access to specific proc entries from a vserver context", a different vulnerability than CVE-2004-2408.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2004-2600: The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platfor...

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.

Published Nov 29, 2005 · Updated Aug 8, 2024