1378 matches found

CVE | added 2024/02/23 7:24 p.m. | 29 views

CAN-2004-0047

CVE-2004-0047 corresponds to a local privilege escalation in the trr19 type trainer for GNU Emacs. Several disclosures (Debian DSA-430, Ubuntu CVE page, NVD) describe that multiple programs in trr19 1.0 do not drop privileges before executing a command, allowing local users to gain privileges (gr...

AI score: 7.5 | EPSS: 0.0036 | Exploits: 0

CVE | added 2024/02/23 7:18 p.m. | 13 views

CAN-2004-0374

CVE-2004-0374 affects Interchange (pre-5.0.1). The vulnerability results from missing input sanitising, allowing remote attackers to expose the content of arbitrary variables and read/modify sensitive SQL information via an HTTP request that ends with the string SQLUSER. Public details in the co...

AI score: 7.5 | EPSS: 0.02825 | Exploits: 0

CVE | added 2024/02/23 7:18 p.m. | 20 views

CAN-2004-0111

CVE-2004-0111 affects gdk-pixbuf before 0.20, where a malformed BMP file can cause a denial of service (crash) in apps that use the library. Public records across Debian/Red Hat advisories and OSV entries confirm the vulnerability, with Debian/DSA 464-1 and RHSA-2004:103 noting the impact and rec...

AI score: 7.5 | EPSS: 0.02072 | Exploits: 0

CVE | added 2024/02/23 7:16 p.m. | 14 views

CAN-2004-0400

CVE-2004-0400 is tied to Exim, with multiple advisories across environments (Debian DSA-501, DSA-502-1; Gentoo GLSA 200405-07; FreeBSD/OpenVAS entries). Public details in connected docs indicate related issues include Exim at-tls handling and a remote-exploit risk (e.g., buffer overflows in speci...

AI score: 7.5 | EPSS: 0.06974 | Exploits: 1

CVE | added 2024/02/23 7:15 p.m. | 21 views

CAN-2003-0068

CVE-2003-0068 affects the Eterm terminal emulator (0.9.1 and earlier). An attacker can modify the window title using a specific escape sequence and then insert it back into the user’s command line, potentially allowing arbitrary commands to be executed. Remediation is to upgrade to eterm 0.9.2 (a...

AI score: 7.5 | EPSS: 0.01944 | Exploits: 0

CVE | added 2024/02/23 7:15 p.m. | 20 views

CAN-2004-0398

CVE-2004-0398 affects the neon library (libneon) and is referenced in multiple advisories (GLSA-200405-13/15, Debian DSA-506/507, Mandrake MDKSA-2004:049/078). The issue is a heap-based buffer overflow in neon’s date parsing routines (notably ne_rfc1036_parse and ne_httpdate_parse) that could, de...

AI score: 7.5 | EPSS: 0.05015 | Exploits: 0

CVE | added 2024/02/23 6:57 p.m. | 18 views

CAN-2004-0827

CVE-2004-0827 is associated with ImageMagick across multiple advisories (Debian DSA 547-1, Ubuntu USN-35-1, Red Hat RHSA-2004:636). The connected documents describe a memory corruption issue in image processing (buffer/heap overflow in decoding BMP/DIB/related formats) that could allow arbitrary ...

AI score: 7.5 | EPSS: 0.05512 | Exploits: 0

CVE | added 2024/02/23 6:56 p.m. | 26 views

CAN-2004-0077

CVE-2004-0077 is referenced in multiple Linux kernel security advisories (e.g., Debian DSA 442-1 and GLSA 200403-02) attached to OpenVAS entries, indicating a kernel vulnerability in the 2.4.x lineage across architectures (e.g., s390, mips, ia64). The OpenVAS data shows CVSS base score 7.2 with v...

AI score: 7.5 | EPSS: 0.02434 | Exploits: 4

CVE | added 2024/02/23 6:55 p.m. | 12 views

CAN-2004-0772

CVE-2004-0772 is a set of double-free vulnerabilities in MIT Kerberos 5 (krb5), specifically in the error handling code for krb524d in MIT Kerberos 5 1.2.8 and earlier. These flaws may allow remote attackers to execute arbitrary code, primarily by exploiting double-free conditions in the KDC and ...

AI score: 7.5 | EPSS: 0.07052 | Exploits: 0

CVE | added 2024/02/23 6:55 p.m. | 9 views

CAN-2004-0781

CVE-2004-0781 maps to an Icecast XSS in icecast-server (list.cgi) affecting 1.3.12 and earlier. The vulnerability arises from improper input sanitization in the status display, allowing remote attackers to craft a link containing script code that executes in a user’s browser, potentially stealing...

AI score: 7.5 | EPSS: 0.01235 | Exploits: 0

CVE | added 2024/02/23 6:54 p.m. | 11 views

CAN-2004-0564

CVE-2004-0564 refers to the RP-PPPoE (rp-pppoe) component. When pppoe is run with setuid root, it can allow local users to overwrite arbitrary files, per multiple advisories (Debian DSA-557-1, Mandrake MDKSA-2004:145) and OSV/NVD entries. The issue arises only in configurations where rp-pppoe is ...

AI score: 7.5 | EPSS: 0.00362 | Exploits: 0

CVE | added 2024/02/23 6:54 p.m. | 23 views

CAN-2004-0809

CVE-2004-0809 corresponds to a WebDAV/mod_dav issue in the Apache WebDAV module that could allow a remote attacker to crash the server (Denial of Service) on installations with WebDAV enabled. The connected OpenVAS/Nessus entries reference SuSE SLES9 advisories (patches 5009547 and 5013988) addr...

AI score: 7.5 | EPSS: 0.15463 | Exploits: 1

CVE | added 2024/02/23 6:53 p.m. | 15 views

CAN-2004-0815

CVE-2004-0815 corresponds to a remote arbitrary file-access vulnerability in Samba. Public details in connected documents indicate that Samba versions prior to 2.2.11 and 3.x prior to 3.0.7 were vulnerable to accessing files outside the share’s defined path. Some sources note that later research ...

AI score: 7.5 | EPSS: 0.04887 | Exploits: 1

CVE | added 2024/02/23 6:53 p.m. | 18 views

CAN-2004-0881

CVE-2004-0881 affects getmail: getmail 4.x before 4.2.0 and other versions before 3.2.5. When run as root, it allows local users to overwrite arbitrary files via a symlink attack on subdirectories of the maildir. Impact is local file writes. Remediation: upgrade to getmail 4.2.0 or newer (or 3.2....

AI score: 7.5 | EPSS: 0.00392 | Exploits: 0

CVE | added 2024/02/23 6:53 p.m. | 13 views

CAN-2004-0833

CVE-2004-0833 affects sendmail on Debian GNU/Linux where the sasl-bin integration leaves a fixed username/password in the SASL database configuration. This misconfiguration could allow remote attackers to use Sendmail as an open mail relay and send spam messages. Public references include Debian ...

AI score: 7.5 | EPSS: 0.02507 | Exploits: 0

CVE | added 2024/02/23 6:53 p.m. | 21 views

CAN-2004-0802

Multiple connected entries reference CVE-2004-0802 in imlib2 (notably Debian DSA-552-1 and FreeBSD/OpenVAS entries). The Debian advisory lists CVSS base 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P). Descriptions indicate that a missing update is the issue, but no concrete root-cause, vulnerable versions, or ...

AI score: 7.5 | EPSS: 0.0343 | Exploits: 0

CVE | added 2024/02/23 6:52 p.m. | 15 views

CAN-2004-0851

The CVE refers to Net-Acct and concerns insecure temporary file creation that enables local users to overwrite arbitrary files via a symlink attack on temporary files. Root cause: insecure handling of temporary file creation in Net‑Acct before version 0.71. The issue is local in scope and affects...

AI score: 7.5 | EPSS: 0.00348 | Exploits: 0

CVE | added 2024/02/23 6:52 p.m. | 20 views

CAN-2004-0923

CVE-2004-0923 affects CUPS (Common UNIX Printing System) 1.1.20 and earlier. The vulnerability involves authentication information for a device URI being written to log files (e.g., error_log), which can allow a local user to obtain usernames and passwords when printing via SMB or when authentica...

AI score: 7.5 | EPSS: 0.00445 | Exploits: 0

CVE | added 2024/02/23 6:52 p.m. | 12 views

CAN-2004-0977

CVE-2004-0977 is linked to insecure temporary file handling in the PostgreSQL contrib component (make_oidjoins_check), enabling a symlink/overwrite vulnerability in the script and potentially allowing arbitrary file writes by an attacker. Connected advisories (Ubuntu USN-6-1, Debian DSA-577-1, Ge...

AI score: 7.5 | EPSS: 0.00452 | Exploits: 0

CVE | added 2024/02/23 6:52 p.m. | 22 views

CAN-2004-0911

CVE-2004-0911 is referenced across multiple scanners in connection with the netkit telnet package (netkit-telnet and netkit-telnet-ssl). The connected Nessus/OpenVAS entries identify Debian/Ubuntu/OpenVAS advisories (e.g., DSA-569-1, DSA-556-1/DSA-556-2, and SUSE CVE page) indicating that remote ...

AI score: 7.5 | EPSS: 0.02599 | Exploits: 0