CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In December 2004

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2001-1413 Exec Code Overflow 2004-12-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument.
2 CVE-2002-1581 Dir. Trav. 2004-12-06 2011-03-08
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
3 CVE-2002-1582 Exec Code 2004-12-06 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, allows remote attackers to execute arbitrary commands via shell metacharacters in the RealEmail configuration variable, which is used to call Sendmail in network.cgi.
4 CVE-2003-1208 Exec Code Overflow 2004-12-03 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions.
5 CVE-2004-0090 2004-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in Windows File Sharing for Mac OS X 10.1.5 through 10.3.2 does not "shutdown properly," which has unknown impact and attack vectors.
6 CVE-2004-0138 DoS 2004-12-31 2017-10-11
4.9
None Local Low Not required None None Complete
The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.
7 CVE-2004-0323 +Priv Sql 2004-12-31 2021-04-29
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in XMB 1.8 Final SP2 allow remote attackers to inject arbitrary SQL and gain privileges via the (1) ppp parameter in viewthread.php, (2) desc parameter in misc.php, (3) tpp parameter in forumdisplay.php, (4) ascdesc parameter in forumdisplay.php, or (5) the addon parameter in stats.php. NOTE: it has also been shown that item (3) is also in XMB 1.9 beta.
8 CVE-2004-0325 DoS 2004-12-31 2017-07-11
2.1
None Local Low Not required None None Partial
TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU consumption) via "//../" arguments to (1) mkd, (2) xmkd, (3) dele, (4) size, (5) retr, (6) stor, (7) appe, (8) rnfr, (9) rnto, (10) rmd, or (11) xrmd, as demonstrated using "//../qwerty".
9 CVE-2004-0369 Exec Code Overflow 2004-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
10 CVE-2004-0390 2004-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
SCO OpenServer 5.0.5 through 5.0.7 only supports Xauthority style access control when users log in using scologin, which allows remote attackers to gain unauthorized access to an X session via other X login methods.
11 CVE-2004-0393 Exec Code 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.
12 CVE-2004-0395 Exec Code 2004-12-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
13 CVE-2004-0429 2004-12-31 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability related to "the handling of large requests" in RAdmin for Apple Mac OS X 10.3.3 and Mac OS X 10.2.8 may allow attackers to have unknown impact via unknown attack vectors.
14 CVE-2004-0448 Exec Code 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.
15 CVE-2004-0451 Exec Code 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allows remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
16 CVE-2004-0452 2004-12-21 2017-10-11
2.6
None Local High Not required None Partial Partial
Race condition in the rmtree function in the File::Path module in Perl 5.6.1 and 5.8.4 sets read/write permissions for the world, which allows local users to delete arbitrary files and directories, and possibly read files and directories, via a symlink attack.
17 CVE-2004-0454 Exec Code Overflow 2004-12-06 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
18 CVE-2004-0455 120 Exec Code Overflow 2004-12-06 2020-12-09
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
19 CVE-2004-0456 Exec Code Overflow 2004-12-06 2017-07-11
7.6
None Remote High Not required Complete Complete Complete
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
20 CVE-2004-0462 2004-12-31 2017-07-11
2.1
None Local Low Not required Partial None None
The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.
21 CVE-2004-0465 Dir. Trav. 2004-12-31 2017-07-11
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in jretest.html in WebConnect 6.5 and 6.4.4, and possibly earlier versions, allows remote attackers to read keys within arbitrary INI formatted files via "..//" sequences in the WCP_USER parameter.
22 CVE-2004-0467 DoS 2004-12-31 2017-07-11
5.0
None Remote Low Not required None None Partial
Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed.
23 CVE-2004-0468 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets.
24 CVE-2004-0477 Bypass 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password. NOTE: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass.
25 CVE-2004-0480 Exec Code 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe.
26 CVE-2004-0491 2004-12-31 2017-10-11
2.1
None Local Low Not required None Partial None
The linux-2.4.21-mlock.patch in Red Hat Enterprise Linux 3 does not properly maintain the mlock page count when one process unlocks pages that belong to another process, which allows local users to mlock more memory than specified by the rlimit.
27 CVE-2004-0496 +Priv 2004-12-06 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool.
28 CVE-2004-0497 2004-12-06 2017-10-11
2.1
None Local Low Not required None Partial None
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
29 CVE-2004-0498 DoS 2004-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
The H.323 protocol agent in StoneSoft firewall engine 2.2.8 and earlier allows remote attackers to cause a denial of service (crash) via crafted H.323 packets.
30 CVE-2004-0510 Exec Code Overflow 2004-12-23 2017-07-11
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to execute arbitrary code, as demonstrated via the execmail program.
31 CVE-2004-0511 DoS 2004-12-23 2017-07-11
2.1
None Local Low Not required None None Partial
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a null dereference.
32 CVE-2004-0512 DoS 2004-12-23 2017-07-11
2.1
None Local Low Not required None None Partial
Multiple unknown vulnerabilities in MMDF on OpenServer 5.0.6 and 5.0.7, and possibly other operating systems, may allow attackers to cause a denial of service by triggering a core dump.
33 CVE-2004-0533 2004-12-31 2017-07-11
2.1
None Local Low Not required None Partial None
Business Objects WebIntelligence 2.7.0 through 2.7.4 only enforces access controls on the client, which allows remote authenticated users to delete arbitrary files on the server via a crafted delete request using the InfoView web client.
34 CVE-2004-0555 Exec Code Overflow 2004-12-31 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
35 CVE-2004-0560 DoS Exec Code Overflow 2004-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow.
36 CVE-2004-0561 DoS Exec Code 2004-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
37 CVE-2004-0563 2004-12-23 2017-07-11
2.1
None Local Low Not required Partial None None
The tspc.conf configuration file in freenet6 before 0.9.6 and before 1.0 on Debian Linux has world readable permissions, which could allow local users to gain sensitive information, such as a username and password.
38 CVE-2004-0564 2004-12-23 2017-07-11
2.1
None Local Low Not required None Partial None
Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings.
39 CVE-2004-0565 +Info 2004-12-06 2017-10-11
2.1
None Local Low Not required Partial None None
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
40 CVE-2004-0567 DoS Exec Code Overflow 2004-12-31 2019-04-30
7.5
None Remote Low Not required Partial Partial Partial
The Windows Internet Naming Service (WINS) in Windows NT Server 4.0 SP 6a, NT Terminal Server 4.0 SP 6, Windows 2000 Server SP3 and SP4, and Windows Server 2003 does not properly validate the computer name value in a WINS packet, which allows remote attackers to execute arbitrary code or cause a denial of service (server crash), which results in an "unchecked buffer" and possibly triggers a buffer overflow, aka the "Name Validation Vulnerability."
41 CVE-2004-0576 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
The radius daemon (radiusd) for GNU Radius 1.1, when compiled with the -enable-snmp option, allows remote attackers to cause a denial of service (server crash) via malformed SNMP messages containing an invalid OID.
42 CVE-2004-0577 2004-12-06 2017-07-11
5.0
None Remote Low Not required Partial None None
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.
43 CVE-2004-0578 2004-12-06 2017-07-11
5.0
None Remote Low Not required Partial None None
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.
44 CVE-2004-0590 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
45 CVE-2004-0592 DoS 2004-12-31 2017-07-11
5.0
None Remote Low Not required None None Partial
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
46 CVE-2004-0601 Bypass 2004-12-23 2017-07-11
7.5
None Remote Low Not required Partial Partial Partial
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
47 CVE-2004-0602 +Priv 2004-12-06 2017-07-11
2.1
None Local Low Not required Partial None None
The binary compatibility mode for FreeBSD 4.x and 5.x does not properly handle certain Linux system calls, which could allow local users to access kernel memory to gain privileges or cause a system panic.
48 CVE-2004-0603 Exec Code 2004-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
gzexe in gzip 1.3.3 and earlier will execute an argument when the creation of a temp file fails instead of exiting the program, which could allow remote attackers or local users to execute arbitrary commands, a different vulnerability than CVE-1999-1332.
49 CVE-2004-0604 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
The HTTP client and server in giFT-FastTrack 0.8.6 and earlier allows remote attackers to cause a denial of service (crash), possibly via an empty search query, which triggers a NULL dereference.
50 CVE-2004-0605 16 DoS 2004-12-06 2017-07-11
5.0
None Remote Low Not required None None Partial
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued.
Total number of vulnerabilities : 1223   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.