13 results (0.004 seconds)

CVSS: 7.2EPSS: 0%CPEs: 46EXPL: 2

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. Corrupción de memoria en el comando "at" permite que usuarios locales ejecuten código arbitrario haciendo uso de un tiempo de ejecución mal escrito (lo que provoca que at libere la misma memoria dos veces). • https://www.exploit-db.com/exploits/21229 http://marc.info/?l=bugtraq&m=101128661602088&w=2 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://www.debian.org/security/2002/dsa-102 http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.securityfocus.com/bid/3886 https://exchange.xforce. •

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. Vulnerabilidad de cadena de formato en la función de retrollamada (callback) en common.c en la librería Cyrus SASL (cyrus-sasl) podría permitr a atacantes remotos ejecutar comandos de su elección. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:15.cyrus-sasl.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000444 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:018 http://lwn.net/alerts/SuSE/SuSE-SA%3A2001%3A042.php3 http://www.caldera.com/support/security/advisories/CSSA-2001-040.0.txt http://www.redhat.com/support/errata/RHSA-2001-150.html http://www.redhat.com/support/errata/RHSA-2001-151.html http://www.securityfocus&# •

CVSS: 5.0EPSS: 0%CPEs: 14EXPL: 0

Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000432 http://www.caldera.com/support/security/advisories/CSSA-2001-038.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-082.php3 http://www.linuxsecurity.com/advisories/other_advisory-1683.html http://www.novell.com/linux/security/advisories/2001_039_kernel2_txt.html http://www.redhat.com/support/errata/RHSA-2001-142.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7461 https://access.redhat.com/security •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 http://www.redhat.com/support/errata/RHSA-2001-097.html http://www.securityfocus.com/archive/1/197727 https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 •

CVSS: 2.1EPSS: 0%CPEs: 13EXPL: 0

kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. • http://www.calderasystems.com/support/security/advisories/CSSA-2001-005.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-018.php3?dis=7.2 http://www.novell.com/linux/security/advisories/2001_002_kdesu_txt.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5995 •