CVE-2004-0957 [Medium] | Security Vulnerability in Openpkg

CVE-2004-0957 is rated Moderate Risk (57.8/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 2.43%). EPSS rose +1.95% over the last day, indicating growing attacker interest. Review affected assets and schedule remediation.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	0.48%	2.43%	+1.95%
2	2026-05-26	0.37%	0.48%	+0.11%
3	2026-05-13	—	0.37%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

0.48%

2.43%

+1.95%

2026-05-26

0.37%

0.48%

+0.11%

2026-05-13

—

0.37%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.8	2.0	MEDIUM	`AV:N/AC:M/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:M) Exploitation needs some favorable conditions, but not exceptional ones. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	8.6	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.8

2.0

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:M): Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

8.6

6.4

[email protected]

OS Trackers for CVE-2004-0957

vendor	priority	summary	link
`redhat`	—	—	https://access.redhat.com/security/cve/CVE-2004-0957
`ubuntu`	medium	CVE-2004-0957 medium priority: Ubuntu including 3 source packages (mysql-dfsg, mysql-dfsg-4.1, mysql-dfsg-5.0), 12 status rows across 4 suites (dapper, edgy, feisty, upstream): released 7, needs-triage 3, DNE 2.	https://ubuntu.com/security/CVE-2004-0957

Affected software / configurations for CVE-2004-0957

Vendor	Product	Version	Raw CPE
openpkg	openpkg	2.1	cpe:2.3:a:openpkg:openpkg:2.1:::::::*
openpkg	openpkg	2.2	cpe:2.3:a:openpkg:openpkg:2.2:::::::*
openpkg	openpkg	current	cpe:2.3:a:openpkg:openpkg:current:::::::*
oracle	mysql	3.20	cpe:2.3:a:oracle:mysql:3.20:::::::*
oracle	mysql	3.20.32a	cpe:2.3:a:oracle:mysql:3.20.32a:::::::*
oracle	mysql	3.21	cpe:2.3:a:oracle:mysql:3.21:::::::*
oracle	mysql	3.22	cpe:2.3:a:oracle:mysql:3.22:::::::*
oracle	mysql	3.22.26	cpe:2.3:a:oracle:mysql:3.22.26:::::::*
oracle	mysql	3.22.27	cpe:2.3:a:oracle:mysql:3.22.27:::::::*
oracle	mysql	3.22.28	cpe:2.3:a:oracle:mysql:3.22.28:::::::*
oracle	mysql	3.22.29	cpe:2.3:a:oracle:mysql:3.22.29:::::::*
oracle	mysql	3.22.30	cpe:2.3:a:oracle:mysql:3.22.30:::::::*
oracle	mysql	3.22.32	cpe:2.3:a:oracle:mysql:3.22.32:::::::*
oracle	mysql	3.23	cpe:2.3:a:oracle:mysql:3.23:::::::*
oracle	mysql	3.23.2	cpe:2.3:a:oracle:mysql:3.23.2:::::::*
oracle	mysql	3.23.3	cpe:2.3:a:oracle:mysql:3.23.3:::::::*
oracle	mysql	3.23.4	cpe:2.3:a:oracle:mysql:3.23.4:::::::*
oracle	mysql	3.23.5	cpe:2.3:a:oracle:mysql:3.23.5:::::::*
oracle	mysql	3.23.8	cpe:2.3:a:oracle:mysql:3.23.8:::::::*
oracle	mysql	3.23.9	cpe:2.3:a:oracle:mysql:3.23.9:::::::*
oracle	mysql	3.23.10	cpe:2.3:a:oracle:mysql:3.23.10:::::::*
oracle	mysql	3.23.22	cpe:2.3:a:oracle:mysql:3.23.22:::::::*
oracle	mysql	3.23.23	cpe:2.3:a:oracle:mysql:3.23.23:::::::*
oracle	mysql	3.23.24	cpe:2.3:a:oracle:mysql:3.23.24:::::::*
oracle	mysql	3.23.25	cpe:2.3:a:oracle:mysql:3.23.25:::::::*
oracle	mysql	3.23.26	cpe:2.3:a:oracle:mysql:3.23.26:::::::*
oracle	mysql	3.23.27	cpe:2.3:a:oracle:mysql:3.23.27:::::::*
oracle	mysql	3.23.28	cpe:2.3:a:oracle:mysql:3.23.28:::::::*
oracle	mysql	3.23.28	cpe:2.3:a:oracle:mysql:3.23.28:gamma::::::
oracle	mysql	3.23.29	cpe:2.3:a:oracle:mysql:3.23.29:::::::*
oracle	mysql	3.23.30	cpe:2.3:a:oracle:mysql:3.23.30:::::::*
oracle	mysql	3.23.31	cpe:2.3:a:oracle:mysql:3.23.31:::::::*
oracle	mysql	3.23.32	cpe:2.3:a:oracle:mysql:3.23.32:::::::*
oracle	mysql	3.23.33	cpe:2.3:a:oracle:mysql:3.23.33:::::::*
oracle	mysql	3.23.34	cpe:2.3:a:oracle:mysql:3.23.34:::::::*
oracle	mysql	3.23.36	cpe:2.3:a:oracle:mysql:3.23.36:::::::*
oracle	mysql	3.23.37	cpe:2.3:a:oracle:mysql:3.23.37:::::::*
oracle	mysql	3.23.38	cpe:2.3:a:oracle:mysql:3.23.38:::::::*
oracle	mysql	3.23.39	cpe:2.3:a:oracle:mysql:3.23.39:::::::*
oracle	mysql	3.23.40	cpe:2.3:a:oracle:mysql:3.23.40:::::::*
oracle	mysql	3.23.41	cpe:2.3:a:oracle:mysql:3.23.41:::::::*
oracle	mysql	3.23.42	cpe:2.3:a:oracle:mysql:3.23.42:::::::*
oracle	mysql	3.23.43	cpe:2.3:a:oracle:mysql:3.23.43:::::::*
oracle	mysql	3.23.44	cpe:2.3:a:oracle:mysql:3.23.44:::::::*
oracle	mysql	3.23.45	cpe:2.3:a:oracle:mysql:3.23.45:::::::*
oracle	mysql	3.23.46	cpe:2.3:a:oracle:mysql:3.23.46:::::::*
oracle	mysql	3.23.47	cpe:2.3:a:oracle:mysql:3.23.47:::::::*
oracle	mysql	3.23.48	cpe:2.3:a:oracle:mysql:3.23.48:::::::*
oracle	mysql	3.23.49	cpe:2.3:a:oracle:mysql:3.23.49:::::::*
oracle	mysql	3.23.50	cpe:2.3:a:oracle:mysql:3.23.50:::::::*
oracle	mysql	3.23.51	cpe:2.3:a:oracle:mysql:3.23.51:::::::*
oracle	mysql	3.23.52	cpe:2.3:a:oracle:mysql:3.23.52:::::::*
oracle	mysql	3.23.53	cpe:2.3:a:oracle:mysql:3.23.53:::::::*
oracle	mysql	3.23.53a	cpe:2.3:a:oracle:mysql:3.23.53a:::::::*
oracle	mysql	3.23.54	cpe:2.3:a:oracle:mysql:3.23.54:::::::*
oracle	mysql	3.23.54a	cpe:2.3:a:oracle:mysql:3.23.54a:::::::*
oracle	mysql	3.23.55	cpe:2.3:a:oracle:mysql:3.23.55:::::::*
oracle	mysql	3.23.56	cpe:2.3:a:oracle:mysql:3.23.56:::::::*
oracle	mysql	3.23.58	cpe:2.3:a:oracle:mysql:3.23.58:::::::*
oracle	mysql	3.23.59	cpe:2.3:a:oracle:mysql:3.23.59:::::::*
oracle	mysql	4.0.0	cpe:2.3:a:oracle:mysql:4.0.0:::::::*
oracle	mysql	4.0.1	cpe:2.3:a:oracle:mysql:4.0.1:::::::*
oracle	mysql	4.0.2	cpe:2.3:a:oracle:mysql:4.0.2:::::::*
oracle	mysql	4.0.3	cpe:2.3:a:oracle:mysql:4.0.3:::::::*
oracle	mysql	4.0.4	cpe:2.3:a:oracle:mysql:4.0.4:::::::*
oracle	mysql	4.0.5	cpe:2.3:a:oracle:mysql:4.0.5:::::::*
oracle	mysql	4.0.5a	cpe:2.3:a:oracle:mysql:4.0.5a:::::::*
oracle	mysql	4.0.6	cpe:2.3:a:oracle:mysql:4.0.6:::::::*
oracle	mysql	4.0.7	cpe:2.3:a:oracle:mysql:4.0.7:::::::*
oracle	mysql	4.0.7	cpe:2.3:a:oracle:mysql:4.0.7:gamma::::::
oracle	mysql	4.0.8	cpe:2.3:a:oracle:mysql:4.0.8:::::::*
oracle	mysql	4.0.8	cpe:2.3:a:oracle:mysql:4.0.8:gamma::::::
oracle	mysql	4.0.9	cpe:2.3:a:oracle:mysql:4.0.9:::::::*
oracle	mysql	4.0.9	cpe:2.3:a:oracle:mysql:4.0.9:gamma::::::
oracle	mysql	4.0.10	cpe:2.3:a:oracle:mysql:4.0.10:::::::*
oracle	mysql	4.0.11	cpe:2.3:a:oracle:mysql:4.0.11:::::::*
oracle	mysql	4.0.11	cpe:2.3:a:oracle:mysql:4.0.11:gamma::::::
oracle	mysql	4.0.12	cpe:2.3:a:oracle:mysql:4.0.12:::::::*
oracle	mysql	4.0.13	cpe:2.3:a:oracle:mysql:4.0.13:::::::*
oracle	mysql	4.0.14	cpe:2.3:a:oracle:mysql:4.0.14:::::::*

References for CVE-2004-0957

URL	Tags
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000947
http://www.ciac.org/ciac/bulletins/p-018.shtml
http://www.debian.org/security/2005/dsa-707
http://www.mandriva.com/security/advisories?name=MDKSA-2005:070
http://www.redhat.com/support/errata/RHSA-2004-597.html
http://www.redhat.com/support/errata/RHSA-2004-611.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/17783
https://www.ubuntu.com/usn/usn-32-1/

URL

CVE-2004-0957

Exploit prediction scoring system (EPSS) score for CVE-2004-0957

Common vulnerability scoring system (CVSS) metrics for CVE-2004-0957

Weakness enumeration for CVE-2004-0957

OS Trackers for CVE-2004-0957

Affected software / configurations for CVE-2004-0957

References for CVE-2004-0957