7 results (0.004 seconds)

CVSS: 2.1EPSS: 0%CPEs: 93EXPL: 0

The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some sources. El controlador e1000 del kernel de Linux 2.4.26 y anteriores no inicializa la memoria antes de usarla, lo que permite a usuarios locales leer porciones de la memoria del kernel. NOTA: Este problema ha sido originalmente descrito incorrectamente por otras fuentes como un "desbordamiento de búfer". • ftp://patches.sgi.com/support/free/security/advisories/20040804-01-U.asc http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125168 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000845 http://lwn.net/Articles/91155 http://security.gentoo.org/glsa/glsa-200407-02.xml http://www.kernel.org/pub/linux/kernel/v2.4/testing/patch-2.4.27.log http://www.mandriva.com/security/advisories?name=MDKSA-2004:062 http://www.novell.com/linux/security/advisories/2004_20_kern •

CVSS: 7.5EPSS: 35%CPEs: 31EXPL: 0

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. Desbordamiento de búfer en el montón en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar código arbitrario y posiblemente escapar del confinamiento chroot. • ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794 http://marc.info/?l=bugtraq&m=107055681311602&w=2 http://marc.info/?l=bugtraq&m=107055684711629&w=2 http://marc.info/?l=bugtraq&m=107055702911867&w=2 http://marc.info/? •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 1

Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code. Vulnerabilidad en el formateado de cadenas en stunnel anterior a la 3.22 cuando se usa en modo cliente para smtp, pop o nntp permite que servidores remotos maliciosos ejecuten código arbitrario. • https://www.exploit-db.com/exploits/21192 http://marc.info/?l=stunnel-users&m=100869449828705&w=2 http://online.securityfocus.com/archive/1/247427 http://online.securityfocus.com/archive/1/248149 http://stunnel.mirt.net/news.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-004.php3 http://www.redhat.com/support/errata/RHSA-2002-002.html http://www.securityfocus.com/bid/3748 https://exchange.xforce.ibmcloud.com/vulnerabilities/7741 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges. • http://www.linuxsecurity.com/advisories/other_advisory-1404.html http://www.redhat.com/support/errata/RHSA-2001-126.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7404 •