Shodan
Vulnerabilities
Vulnerable Software
Ubuntu:  >> Ubuntu Linux  >> 4.1  Security Vulnerabilities
CVE-2004-1015
Buffer overflow in proxyd for Cyrus IMAP Server 2.2.9 and earlier, with the imapmagicplus option enabled, may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2004-1011.
CVSS Score
10.0
EPSS Score
0.057
Published
2005-01-10
CVE-2004-1016
The scm_send function in the scm layer for Linux kernel 2.4.x up to 2.4.28, and 2.6.x up to 2.6.9, allows local users to cause a denial of service (system hang) via crafted auxiliary messages that are passed to the sendmsg function, which causes a deadlock condition.
CVSS Score
2.1
EPSS Score
0.003
Published
2005-01-10
CVE-2004-1019
The deserialization code in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to cause a denial of service and execute arbitrary code via untrusted data to the unserialize function that may trigger "information disclosure, double-free and negative reference index array underflow" results.
CVSS Score
10.0
EPSS Score
0.081
Published
2005-01-10
CVE-2004-1056
Direct Rendering Manager (DRM) driver in Linux kernel 2.6 does not properly check the DMA lock, which could allow remote attackers or local users to cause a denial of service (X Server crash) and possibly modify the video output.
CVSS Score
6.4
EPSS Score
0.034
Published
2005-01-10
CVE-2004-1058
Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.
CVSS Score
1.2
EPSS Score
0.001
Published
2005-01-10
CVE-2004-1065
Buffer overflow in the exif_read_data function in PHP before 4.3.10 and PHP 5.x up to 5.0.2 allows remote attackers to execute arbitrary code via a long section name in an image file.
CVSS Score
10.0
EPSS Score
0.069
Published
2005-01-10
CVE-2004-1067
Off-by-one error in the mysasl_canon_user function in Cyrus IMAP Server 2.2.9 and earlier leads to a buffer overflow, which may allow remote attackers to execute arbitrary code via the username.
CVSS Score
10.0
EPSS Score
0.055
Published
2005-01-10
CVE-2004-1068
A "missing serialization" error in the unix_dgram_recvmsg function in Linux 2.4.27 and earlier, and 2.6.x up to 2.6.9, allows local users to gain privileges via a race condition.
CVSS Score
6.2
EPSS Score
0.001
Published
2005-01-10
CVE-2004-1069
Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.
CVSS Score
1.2
EPSS Score
0.001
Published
2005-01-10
CVE-2004-1137
Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read.
CVSS Score
10.0
EPSS Score
0.158
Published
2005-01-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved