| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2004-2715 |
287 |
|
+Priv Bypass |
2004-12-31 |
2017-07-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain administrative privileges by setting the do_not_login parameter to false. |
|
2 |
CVE-2004-2697 |
362 |
|
+Priv |
2004-12-31 |
2017-07-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. |
|
3 |
CVE-2004-2693 |
264 |
|
+Priv |
2004-12-31 |
2017-10-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/. |
|
4 |
CVE-2004-2678 |
|
|
+Priv |
2004-12-31 |
2017-07-29 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in HP Tru64 UNIX 5.1B PK2(BL22) and PK3(BL24), and 5.1A PK6(BL24), when using IPsec/IKE (Internet Key Exchange) with Certificates, allows remote attackers to gain privileges via unknown attack vectors. |
|
5 |
CVE-2004-2676 |
|
|
+Priv |
2004-12-31 |
2017-07-29 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Spy Sweeper Enterprise Client (SpySweeperTray.exe) in WebRoot Spy Sweeper before 2.0 does not drop privileges when using the help functionality, which allows local users to gain privileges. |
|
6 |
CVE-2004-2653 |
|
|
+Priv |
2004-12-31 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in PD9 Software MegaBBS 2.0 and 2.1 allows attackers to gain privileges via unknown vectors involving (1) admin/userlevelmembers-edit.asp and (2) admin/edit-groups.asp. |
|
7 |
CVE-2004-2615 |
|
|
+Priv |
2004-12-31 |
2017-07-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact. |
|
8 |
CVE-2004-2611 |
|
|
+Priv |
2004-12-31 |
2017-07-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Change Permissions function in the Sophster suite before 0.9.6 28 May 2004 (aka 0.9.6-r5), possibly including Sophster, FreeSophster, and FreeSophsterPAM, removes the (1) setuid, (2) setgid, and (3) sticky bits when changing a file, which might allow attackers to gain privileges or conduct other unauthorized activities. |
|
9 |
CVE-2004-2610 |
|
|
+Priv |
2004-12-31 |
2017-07-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
mntd_mount.c in mntd before 0.4.2 might allow local users to gain privileges via shell metacharacters in a remount option in the configuration file. NOTE: It is not clear whether this is a vulnerability because there is not necessarily any common usage in which privilege boundaries are crossed. Typical usage would restrict write access to the configuration file. |
|
10 |
CVE-2004-2536 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The exit_thread function (process.c) in Linux kernel 2.6 through 2.6.5 does not invalidate the per-TSS io_bitmap pointers if a process obtains IO access permissions from the ioperm function but does not drop those permissions when it exits, which allows other processes to access the per-TSS pointers, access restricted memory locations, and possibly gain privileges. |
|
11 |
CVE-2004-2504 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The GUI in Alt-N Technologies MDaemon 7.2 and earlier, including 6.8, executes child processes such as NOTEPAD.EXE with SYSTEM privileges when users create new files, which allows local users with physical access to gain privileges. |
|
12 |
CVE-2004-2455 |
|
|
+Priv +Info |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. |
|
13 |
CVE-2004-2436 |
|
|
+Priv |
2004-12-31 |
2021-04-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges. |
|
14 |
CVE-2004-2430 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Trend OfficeScan Corporate Edition 5.58 and possibly earler does not drop privileges when opening a help window from a virus detection pop-up window, which allows local users to gain SYSTEM privileges. |
|
15 |
CVE-2004-2359 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality. |
|
16 |
CVE-2004-2350 |
|
|
+Priv Sql |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in search.php for phpBB 1.0 through 2.0.6 allows remote attackers to execute arbitrary SQL and gain privileges via the search_results parameter. |
|
17 |
CVE-2004-2335 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Macromedia installers and e-licensing client on Mac OS X, as used for Macromedia Contribute 2, Director, Dreamweaver, Fireworks, Flash, and Studio, install the AuthenticationService setuid and writable by other users, which allows local users to gain privileges by modifying the program. |
|
18 |
CVE-2004-2312 |
|
|
Overflow +Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in GNU make for IBM AIX 4.3.3, when installed setgid, allows local users to gain privileges via a long CC argument. |
|
19 |
CVE-2004-2229 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. |
|
20 |
CVE-2004-2228 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Mozilla Firefox before 1.0 is installed with world-writable permissions on Mac OS X, which allows local users to gain privileges. |
|
21 |
CVE-2004-2215 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
RXVT-Unicode 3.4 and 3.5 does not properly close file descriptors, which allows local users to access the terminals of other users and possibly gain privileges. |
|
22 |
CVE-2004-2125 |
|
|
Overflow +Priv |
2004-12-31 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in blackd.exe for BlackICE PC Protection 3.6 and other versions before 3.6.ccb, with application protection off, allows local users to gain system privileges by modifying the .INI file to contain a long packetLog.fileprefix value. |
|
23 |
CVE-2004-2073 |
|
|
+Priv |
2004-02-06 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Linux-VServer 1.24 allows local users with root privileges on a virtual server to gain access to the filesystem outside the virtual server via a modified chroot-again exploit using the chmod command. |
|
24 |
CVE-2004-2050 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell. |
|
25 |
CVE-2004-2024 |
|
|
+Priv |
2004-12-31 |
2008-09-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php. |
|
26 |
CVE-2004-2012 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The systrace_exit function in the systrace utility for NetBSD-current and 2.0 before April 16, 2004, and certain FreeBSD ports, does not verify the owner of the /dec/systrace connection before setting euid to 0, which allows local users to gain root privileges. |
|
27 |
CVE-2004-2004 |
|
|
+Priv |
2004-05-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH. |
|
28 |
CVE-2004-1997 |
|
|
+Priv |
2004-05-05 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges. |
|
29 |
CVE-2004-1952 |
|
|
Exec Code +Priv Sql |
2004-04-23 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in Advanced Guestbook 2.2 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password. |
|
30 |
CVE-2004-1873 |
|
|
+Priv Sql |
2004-12-31 |
2018-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in category.asp in A-CART Pro and A-CART 2.0 allows remote attackers to gain privileges via the catcode parameter. |
|
31 |
CVE-2004-1847 |
|
|
+Priv Bypass |
2004-03-20 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
News Manager Lite 2.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the ADMIN parameter in the NEWS_LOGIN cookie. |
|
32 |
CVE-2004-1842 |
|
|
+Priv CSRF |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php. |
|
33 |
CVE-2004-1833 |
|
|
+Priv |
2004-03-20 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. |
|
34 |
CVE-2004-1821 |
|
|
+Priv Sql |
2004-03-15 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to gain privileges or perform unauthorized database operations via the gid parameter. |
|
35 |
CVE-2004-1767 |
264 |
|
+Priv |
2004-12-31 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The kernel in Solaris 2.6, 7, 8, and 9 allows local users to gain privileges by loading arbitrary loadable kernel modules (LKM), possibly involving the modload function. |
|
36 |
CVE-2004-1764 |
|
|
Overflow +Priv |
2004-01-14 |
2017-10-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors. |
|
37 |
CVE-2004-1760 |
287 |
|
+Priv |
2004-01-21 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. |
|
38 |
CVE-2004-1758 |
|
|
+Priv |
2004-04-13 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
BEA WebLogic Server and WebLogic Express version 8.1 up to SP2, 7.0 up to SP4, and 6.1 up to SP6 may store the database username and password for an untargeted JDBC connection pool in plaintext in config.xml, which allows local users to gain privileges. |
|
39 |
CVE-2004-1757 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
BEA WebLogic Server and Express 8.1, SP1 and earlier, stores the administrator password in cleartext in config.xml, which allows local users to gain privileges. |
|
40 |
CVE-2004-1755 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Web Services fat client for BEA WebLogic Server and Express 7.0 SP4 and earlier, when using 2-way SSL and multiple certificates to connect to the same URL, may use the incorrect identity after the first connection, which could allow users to gain privileges. |
|
41 |
CVE-2004-1707 |
|
|
+Priv |
2004-07-30 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libclntsh.so.9.0. |
|
42 |
CVE-2004-1704 |
|
|
+Priv |
2004-07-30 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
WpQuiz 2.60b1 through 2.60b8 allows remote attackers to gain privileges via a direct request to adminrestore.php in the extras directory. |
|
43 |
CVE-2004-1683 |
|
|
+Priv |
2004-09-13 |
2017-07-11 |
3.7 |
None |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. |
|
44 |
CVE-2004-1682 |
|
|
+Priv |
2004-08-15 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command. |
|
45 |
CVE-2004-1681 |
|
|
Overflow +Priv |
2004-08-26 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter. |
|
46 |
CVE-2004-1661 |
|
|
+Priv Bypass |
2004-09-02 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MailWorks Professional allows remote attackers to bypass authentication and gain privileges via a cookie that contains "auth=1" and "uId=1." |
|
47 |
CVE-2004-1652 |
|
|
+Priv |
2004-08-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
phpScheduleIt 1.0.0 RC1 does not clear administrative privileges if the administrator logs in as a normal user, which allows users with physical access to gain administrative privileges. |
|
48 |
CVE-2004-1624 |
|
|
+Priv |
2004-10-21 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe). |
|
49 |
CVE-2004-1573 |
|
|
Exec Code +Priv |
2004-12-31 |
2017-07-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The documentation for AJ-Fork 167 implies that users should set permissions for users.db.php to 777, which allows local users to execute arbitrary PHP code and gain privileges as the administrator. |
|
50 |
CVE-2004-1567 |
|
|
+Priv |
2004-12-31 |
2017-07-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an administrator. |
