12 results (0.004 seconds)

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simbólicos en los argumentos de dominio y mapa. • ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 http://marc.info/?l=bugtraq&m=103426842025029&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903 http://www.iss.net/security_center/static/10329.php http://www.kb.cert.org/vuls/id/538033 http://www.securityfocus.com/bid/5937 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423 •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000432 http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 http://www.linuxsecurity.com/advisories/other_advisory-1683.html http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html http://www.redhat.com/support/errata/RHSA-2001-142.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7461 https://access.redhat.com/security •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2 http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5995 •

CVSS: 1.2EPSS: 0%CPEs: 15EXPL: 0

inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. • http://marc.info/?l=bugtraq&m=97916374410647&w=2 http://www.calderasystems.com/support/security/advisories/CSSA-2001-001.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-010.php3 http://www.securityfocus.com/bid/2190 https://exchange.xforce.ibmcloud.com/vulnerabilities/5916 •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-003.0.txt http://www.securityfocus.com/bid/2215 https://exchange.xforce.ibmcloud.com/vulnerabilities/5953 •