Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-2214 | Improper Handling of Case Sensitivity vulnerability in Mbedthis Appweb Http Server 1.0.4 Mbedthis AppWeb HTTP server before 1.1.3 allows remote attackers to bypass access restrictions via a URI with mixed case characters. | 9.8 |
| 2004-12-31 | CVE-2004-2172 | Inadequate Encryption Strength vulnerability in Netsourcecommerce Productcart EarlyImpact ProductCart uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via a chosen plaintext attack. | 7.5 |
| 2004-12-31 | CVE-2004-2154 | Improper Handling of Case Sensitivity vulnerability in multiple products CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive. | 9.8 |
| 2004-12-31 | CVE-2004-2013 | Integer Overflow or Wraparound vulnerability in Linux Kernel Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory. | 7.8 |
| 2004-12-31 | CVE-2004-1995 | Cross-Site Request Forgery (CSRF) vulnerability in Fusetalk 2.0 Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm. | 6.5 |
| 2004-12-31 | CVE-2004-1901 | Link Following vulnerability in Gentoo Linux and Portage Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack on the lockfiles. | 5.5 |
| 2004-12-31 | CVE-2004-1842 | Cross-Site Request Forgery (CSRF) vulnerability in PHPnuke PHP-Nuke Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. | 8.8 |
| 2004-12-31 | CVE-2004-1464 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | 5.9 |
| 2004-12-23 | CVE-2004-0816 | Integer Underflow (Wrap or Wraparound) vulnerability in Linux Kernel Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet. | 7.5 |
| 2004-12-03 | CVE-2004-1083 | Improper Handling of Case Sensitivity vulnerability in Apple products Apache for Apple Mac OS X 10.2.8 and 10.3.6 restricts access to files in a case sensitive manner, but the Apple HFS+ filesystem accesses files in a case insensitive manner, which allows remote attackers to read .DS_Store files and files beginning with ".ht" using alternate capitalization. | 7.5 |