13 results (0.010 seconds)

CVSS: 7.5EPSS: 35%CPEs: 31EXPL: 0

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. Desbordamiento de búfer en el montón en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar código arbitrario y posiblemente escapar del confinamiento chroot. • ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794 http://marc.info/?l=bugtraq&m=107055681311602&w=2 http://marc.info/?l=bugtraq&m=107055684711629&w=2 http://marc.info/?l=bugtraq&m=107055702911867&w=2 http://marc.info/? •

CVSS: 2.1EPSS: 0%CPEs: 31EXPL: 0

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. El kernel de Linux 2.4.20 y anteriores, y 2.5.x, cuando se ejecuta en sistemas x86, permite a usuarios locales causar una denegación de servicio (cuelgue) mediante el modo de emulación, que no borra adecuadamente los marcadores (flags) TF y NT EFLAGs. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553 http://marc.info/?l=bugtraq&m=103714004623587&w=2 http://marc.info/?l=bugtraq&m=103737292709297&w=2 http://rhn.redhat.com/errata/RHSA-2002-262.html http://rhn.redhat.com/errata/RHSA-2002-264.html http://www.redhat.com/support/errata/RHSA-2002-263.html http://www.securityfocus.com/bid/6115 https://exchange.xforce.ibmcloud.com/vulnerabilities/10576 https://access.redhat.com/security/cve/CVE-2002-1319 h •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 http://www.redhat.com/support/errata/RHSA-2001-097.html http://www.securityfocus.com/archive/1/197727 https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 •

CVSS: 2.1EPSS: 0%CPEs: 19EXPL: 1

When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. • https://www.exploit-db.com/exploits/290 http://archives.neohapsis.com/archives/linux/turbolinux/2001-q1/0004.html http://www.calderasystems.com/support/security/advisories/CSSA-2001-007.0.txt http://www.debian.org/security/2001/dsa-039 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-012.php3?dis=7.2 http://www.novell.com/linux/security/advisories/2001_001_glibc_txt.html http://www.redhat.com/support/errata/RHSA-2001-002.html http://www.securityfocus.com/archive&#x •