Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-2539 Remote Undisclosed Denial Of Service vulnerability in Network Appliance Data ONTAP and NetCache
Unknown vulnerability in Network Appliance NetCache 5.2 and Data ONTAP 6.0 allows remote attackers to cause a denial of service (panic and reboot) and possibly other impacts via unknown attack vectors, possibly related to unspecified worms, as identified by bug ID
network
low complexity
network-appliance
7.8
2004-12-31 CVE-2004-2538 Unspecified vulnerability in Nilesh Dosooye phpCodeGenie
Direct static code injection vulnerability in the PCG simple application generation in phpCodeGenie before 3.0.2 allows remote authenticated users to execute arbitrary code via the (1) header or (2) footer.
network
low complexity
nilesh-dosooye
6.5
2004-12-31 CVE-2004-2537 Unspecified vulnerability in NetWin SurgeMail Webmail
Unspecified vulnerability in SurgeMail before 2.2c10 has unknown impact and attack vectors, related to a "Webmail security bug."
network
low complexity
netwin
critical
10.0
2004-12-31 CVE-2004-2536 Local IO Access Inheritance vulnerability in Linux Kernel
The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges.
network
low complexity
linux
7.5
2004-12-31 CVE-2004-2535 Unspecified vulnerability in Matthew Phillips Sticker 3.0.0
The person-to-person secure messaging feature in Sticker before 3.1.0 beta 2 allows remote attackers to post messages to unauthorized private groups by using the group's public encryption key.
network
low complexity
matthew-phillips
5.0
2004-12-31 CVE-2004-2534 Denial Of Service vulnerability in Fastream NetFile FTP/Web Server HEAD Request
Fastream NETFile Server 7.1.2 does not properly handle keep-alive connection timeouts and does not close the connection after a HEAD request, which allows remote attackers to perform a denial of service (connection consumption) by sending a large number of HTTP HEAD requests.
network
low complexity
fastream
7.8
2004-12-31 CVE-2004-2533 Improper Input Validation vulnerability in Solarwinds Serv-U File Server 4.1.0.0
Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service (application crash) via a SITE CHMOD command with a "\\...\" followed by a short string, causing partial memory corruption, a different vulnerability than CVE-2004-2111.
network
low complexity
solarwinds CWE-20
5.0
2004-12-31 CVE-2004-2532 Credentials Management vulnerability in Solarwinds Serv-U File Server
Serv-U FTP server before 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then using the SITE EXEC command.
network
low complexity
solarwinds CWE-255
critical
10.0
2004-12-31 CVE-2004-2531 Denial Of Service vulnerability in GNU Gnutls 1.0.16
X.509 Certificate Signature Verification in the GNU transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
network
low complexity
gnu
7.8
2004-12-31 CVE-2004-2530 Visual truncation vulnerability in Gadu-Gadu allows remote attackers to spoof the file extension on transmitted files via a filename with a large number of spaces followed by the real extension, which is not displayed in the dialog box.
network
high complexity
gadu-gadu
2.6