Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-01-10 | CVE-2004-1115 | Local Security vulnerability in Linux The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs. | 7.2 |
| 2005-01-10 | CVE-2004-1114 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Skype Technologies Skype Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777. | 9.3 |
| 2005-01-10 | CVE-2004-1113 | SQL Injection vulnerability in SQLgrey Postfix Greylisting Service SQL injection vulnerability in SQLgrey Postfix greylisting service before 1.2.0 allows remote attackers to execute arbitrary SQL commands via the (1) sender or (2) recipient e-mail addresses. | 10.0 |
| 2005-01-10 | CVE-2004-1112 | Buffer Overflow Protection Bypass vulnerability in Cisco Security Agent The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period. | 5.1 |
| 2005-01-10 | CVE-2004-1111 | Denial-Of-Service vulnerability in 7600 Cisco IOS 2.2(18)EW, 12.2(18)EWA, 12.2(14)SZ, 12.2(18)S, 12.2(18)SE, 12.2(18)SV, 12.2(18)SW, and other versions without the "no service dhcp" command, keep undeliverable DHCP packets in the queue instead of dropping them, which allows remote attackers to cause a denial of service (dropped traffic) via multiple undeliverable DHCP packets that exceed the input queue size. | 5.0 |
| 2005-01-10 | CVE-2004-1110 | The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file. | 2.1 |
| 2005-01-10 | CVE-2004-1109 | Denial Of Service vulnerability in Kerio Personal Firewall IP Options The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field. | 5.0 |
| 2005-01-10 | CVE-2004-1108 | Unspecified vulnerability in Gentoo Linux qpkg in Gentoolkit 0.2.0_pre10 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary directory. | 2.1 |
| 2005-01-10 | CVE-2004-1107 | Unspecified vulnerability in Gentoo Linux dispatch-conf in Portage 2.0.51-r2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. | 2.1 |
| 2005-01-10 | CVE-2004-1105 | Unspecified vulnerability in Nortel Contivity 4.91 Nortel Networks Contivity VPN Client displays a different error message depending on whether the username is valid or invalid, which could allow remote attackers to gain sensitive information. | 5.0 |