Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-01-10 CVE-2004-1014 Remote Denial Of Service vulnerability in Linux NFS RPC.STATD
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated.
network
low complexity
nfs debian mandrakesoft redhat
5.0
5.0
2005-01-10 CVE-2004-1013 The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p") that cause an index increment error that leads to an out-of-bounds memory corruption. 10.0
10
2005-01-10 CVE-2004-1012 The argument parser of the PARTIAL command in Cyrus IMAP Server 2.2.6 and earlier allows remote authenticated users to execute arbitrary code via a certain command ("body[p") that is treated as a different command ("body.peek") and causes an index increment error that leads to an out-of-bounds memory corruption. 10.0
10
2005-01-10 CVE-2004-1011 Stack-based buffer overflow in Cyrus IMAP Server 2.2.4 through 2.2.8, with the imapmagicplus option enabled, allows remote attackers to execute arbitrary code via a long (1) PROXY or (2) LOGIN command, a different vulnerability than CVE-2004-1015. 10.0
10
2005-01-10 CVE-2004-1008 Remote SSH2_MSG_DEBUG Buffer Overflow vulnerability in PuTTY
Integer signedness error in the ssh2_rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2_MSG_DEBUG packet with a modified stringlen parameter, which leads to a buffer overflow.
network
low complexity
putty tortoisecvs
critical
 10.0
10
2005-01-10 CVE-2004-0996 main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
local
low complexity
cscope debian gentoo sco
2.1
2.1
2005-01-10 CVE-2004-0994 Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c.
network
low complexity
zgv debian
critical
 10.0
10
2005-01-10 CVE-2004-0993 Remote Buffer Overflow vulnerability in HP HPSockd 0.4/0.5
Buffer overflow in hpsockd before 0.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code.
network
low complexity
hp
critical
 10.0
10
2005-01-10 CVE-2004-0987 Remote Buffer Overflow vulnerability in Yard Radius
Buffer overflow in the process_menu function in yardradius 1.0.20 allows remote attackers to execute arbitrary code.
network
low complexity
yard-radius yard-radius-project
critical
 10.0
10
2005-01-10 CVE-2004-0956 MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote.
network
low complexity
oracle suse ubuntu
5.0
5.0