Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2004-1185
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
CVSS Score
7.5
EPSS Score
0.074
Published
2005-01-21
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
CVSS Score
10.0
EPSS Score
0.156
Published
2005-01-10
CVE-2004-1177
Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
CVSS Score
4.3
EPSS Score
0.016
Published
2005-01-10
CVE-2004-0555
Buffer overflow in (1) queue.c and (2) queued.c in queue before 1.30.1 may allow remote attackers to execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.034
Published
2004-12-31
CVE-2004-0984
Unknown vulnerability in the dotlock implementation in mailutils before 1:0.5-4 on Debian GNU/Linux allows attackers to gain privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2004-12-31
CVE-2004-1143
The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
CVSS Score
7.5
EPSS Score
0.009
Published
2004-12-31
CVE-2004-1186
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
CVSS Score
5.0
EPSS Score
0.082
Published
2004-12-31
CVE-2004-1296
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
2.1
EPSS Score
0.002
Published
2004-12-31
CVE-2004-1382
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2004-0968.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31
CVE-2004-1453
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved