|
351531
|
- |
|
linux
|
linux_kernel
|
dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryp…
|
NVD-CWE-Other
|
CVE-2004-2136
|
2016-10-18 12:06 |
2004-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351532
|
- |
|
esesix
|
thintune
|
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier accept any password that begins with the actual password, which makes it easier for users to conduct brute force password guessing.
|
NVD-CWE-Other
|
CVE-2004-2052
|
2016-10-18 12:05 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351533
|
- |
|
francisco_burzi
|
php-nuke
|
The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.
|
NVD-CWE-Other
|
CVE-2004-1998
|
2016-10-18 12:04 |
2004-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351534
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to inject arbitrary code via the (1) Theme, (2) Country, (3) Real Name, or (4) Displayed time zone fields in a User Profile, or…
|
CWE-94
Code Injection
|
CVE-2004-1926
|
2016-10-18 12:03 |
2004-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351535
|
- |
|
francisco_burzi
|
php-nuke
|
MS Analysis module 2.0 for PHP-Nuke allows remote attackers to obtain sensitive information via a direct request to (1) browsers.php, (2) mstrack.php, or (3) title.php, which reveal the full path in …
|
NVD-CWE-Other
|
CVE-2004-1839
|
2016-10-18 12:01 |
2004-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351536
|
- |
|
-
|
-
|
HP Web Jetadmin 7.5.2546 allows remote attackers to cause a denial of service (crash) via a malformed request, possibly due to a stricmp() error from an invalid use of the "$" character.
|
NVD-CWE-Other
|
CVE-2004-1858
|
2016-10-18 12:01 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351537
|
- |
|
openbsd
|
openbsd
|
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via…
|
NVD-CWE-Other
|
CVE-2004-1799
|
2016-10-18 12:00 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351538
|
- |
|
jera_technology
|
flash_messaging_server
|
Flash Messaging clients can ignore disconnecting commands such as "shutdown" from the Flash Messaging Server 5.2.0g (rev 1.1.2), which could allow remote attackers to stay connected.
|
NVD-CWE-Other
|
CVE-2004-1586
|
2016-10-18 11:57 |
2004-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351539
|
- |
|
cpanel
|
cpanel
|
cPanel 9.9.1-RELEASE-3 allows remote authenticated users to chmod arbitrary files via a symlink attack on the _private directory, which is created when Front Page extensions are enabled.
|
NVD-CWE-Other
|
CVE-2004-1604
|
2016-10-18 11:57 |
2004-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351540
|
- |
|
best_software
saleslogix_corporation
|
saleslogix
|
SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary files and execute code via the (1) vMME.AttachmentPath or (2…
|
NVD-CWE-Other
|
CVE-2004-1610
|
2016-10-18 11:57 |
2004-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
