CVE-2004-2691

Public exploit
Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports.
Max CVSS
7.1
EPSS Score
96.41%
Published
2004-12-31
Updated
2017-07-29

CVE-2004-2687

Public exploit
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
Max CVSS
9.3
EPSS Score
92.48%
Published
2004-12-31
Updated
2008-09-05

CVE-2004-2466

Public exploit
chat.ghp in Easy Chat Server 1.2 allows remote attackers to cause a denial of service (server crash) via a long username parameter, possibly due to a buffer overflow. NOTE: it was later reported that 2.2 is also affected.
Max CVSS
5.0
EPSS Score
17.76%
Published
2004-12-31
Updated
2022-08-01

CVE-2004-2416

Public exploit
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
95.76%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2271

Public exploit
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
7.5
EPSS Score
79.81%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2221

Public exploit
Buffer overflow in SoftCart.exe in Mercantec SoftCart 4.00b allows remote attackers to execute arbitrary code via a long parameter in an HTTP GET request.
Max CVSS
7.5
EPSS Score
60.63%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-2111

Public exploit
Stack-based buffer overflow in the site chmod command in Serv-U FTP Server before 4.2 allows remote attackers to execute arbitrary code via a long filename.
Max CVSS
8.5
EPSS Score
97.24%
Published
2004-12-31
Updated
2020-07-28

CVE-2004-2086

Public exploit
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP POST request with a long query parameter.
Max CVSS
5.0
EPSS Score
27.14%
Published
2004-02-06
Updated
2017-07-11

CVE-2004-2074

Public exploit
Format string vulnerability in Dream FTP 1.02 allows local users to cause a denial of service (crash) via format string specifiers in the (1) PASS or (2) RETR commands.
Max CVSS
5.0
EPSS Score
2.94%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1638

Public exploit
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
Max CVSS
7.5
EPSS Score
51.13%
Published
2004-10-16
Updated
2017-07-11

CVE-2004-1626

Public exploit
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
Max CVSS
5.0
EPSS Score
17.49%
Published
2004-10-22
Updated
2017-07-11

CVE-2004-1595

Public exploit
Buffer overflow in ShixxNote 6.net build 117 allows remote attackers to execute arbitrary code via a long font field.
Max CVSS
7.5
EPSS Score
51.13%
Published
2004-10-13
Updated
2017-07-11

CVE-2004-1561

Public exploit
Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.
Max CVSS
7.5
EPSS Score
96.50%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1558

Public exploit
Multiple stack-based buffer overflows in YPOPs! (aka YahooPOPS) 0.4 through 0.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) POP3 USER command or (2) SMTP request.
Max CVSS
7.5
EPSS Score
71.05%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1550

Public exploit
Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.
Max CVSS
7.5
EPSS Score
1.79%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1520

Public exploit
Stack-based buffer overflow in IPSwitch IMail 8.13 allows remote authenticated users to execute arbitrary code via a long IMAP DELETE command.
Max CVSS
4.6
EPSS Score
95.87%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1389

Public exploit
Unknown vulnerability in the Veritas NetBackup Administrative Assistant interface for NetBackup BusinesServer 3.4, 3.4.1, and 4.5, DataCenter 3.4, 3.4.1, and 4.5, Enterprise Server 5.1, and NetBackup Server 5.0 and 5.1, allows attackers to execute arbitrary commands via the bpjava-susvc process, possibly related to the call-back feature.
Max CVSS
6.0
EPSS Score
4.49%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1388

Public exploit
Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
Max CVSS
7.5
EPSS Score
66.14%
Published
2004-12-31
Updated
2017-07-11

CVE-2004-1373

Public exploit
Format string vulnerability in SHOUTcast 1.9.4 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via format string specifiers in a content URL, as demonstrated in the filename portion of a .mp3 file.
Max CVSS
7.5
EPSS Score
97.16%
Published
2004-12-23
Updated
2017-07-11

CVE-2004-1317

Public exploit
Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command.
Max CVSS
7.5
EPSS Score
83.62%
Published
2004-12-27
Updated
2017-07-11

CVE-2004-1315

Public exploit
viewtopic.php in phpBB 2.x before 2.0.11 improperly URL decodes the highlight parameter when extracting words and phrases to highlight, which allows remote attackers to execute arbitrary PHP code by double-encoding the highlight value so that special characters are inserted into the result, which is then processed by PHP exec, as exploited by the Santy.A worm.
Max CVSS
7.5
EPSS Score
96.27%
Published
2004-11-12
Updated
2017-07-11

CVE-2004-0798

Public exploit
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
Max CVSS
7.5
EPSS Score
93.13%
Published
2004-10-20
Updated
2017-10-05

CVE-2004-0795

Public exploit
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.
Max CVSS
7.2
EPSS Score
1.95%
Published
2004-10-20
Updated
2017-07-11

CVE-2004-0735

Public exploit
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
Max CVSS
7.5
EPSS Score
42.99%
Published
2004-07-27
Updated
2017-07-11

CVE-2004-0695

Public exploit
Stack-based buffer overflow in the FTP service for 4D WebSTAR 5.3.2 and earlier allows remote attackers to execute arbitrary code via a long FTP command.
Max CVSS
7.5
EPSS Score
87.71%
Published
2004-07-27
Updated
2017-07-11
2451 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!