Shodan
Vulnerabilities
Vulnerable Software
Gnu:  Security Vulnerabilities
CVE-2004-1485
Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.
CVSS Score
7.5
EPSS Score
0.016
Published
2004-12-31
CVE-2004-1772
Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-12-31
CVE-2004-1773
Multiple buffer overflows in sharutils 4.2.1 and earlier may allow attackers to execute arbitrary code via (1) long output from wc to shar, or (2) unknown vectors in unshar.
CVSS Score
7.5
EPSS Score
0.018
Published
2004-12-31
CVE-2004-2014
Wget 1.9 and 1.9.1 allows local users to overwrite arbitrary files via a symlink attack on the name of the file being downloaded.
CVSS Score
2.6
EPSS Score
0.001
Published
2004-12-31
CVE-2004-2264
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed
CVSS Score
6.4
EPSS Score
0.007
Published
2004-12-31
CVE-2004-2459
Unknown vulnerability in gnubiff 1.2.0 and earlier allows local users to obtain passwords, related to the password table.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31
CVE-2004-2460
Unknown vulnerability in POP3 in gnubiff before 2.0.0 allows remote attackers to cause a denial of service (application crash) via an "infinite" Unique IDentification Listing (UIDL) list.
CVSS Score
5.0
EPSS Score
0.009
Published
2004-12-31
CVE-2004-2461
Buffer overflow in pop3.c in gnubiff before 2.0.0 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code.
CVSS Score
7.5
EPSS Score
0.01
Published
2004-12-31
CVE-2004-2531
X.509 Certificate Signature Verification in Gnu transport layer security library (GnuTLS) 1.0.16 allows remote attackers to cause a denial of service (CPU consumption) via certificates containing long chains and signed with large RSA keys.
CVSS Score
7.8
EPSS Score
0.009
Published
2004-12-31
CVE-2004-1377
The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved