20 results (0.011 seconds)

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. • http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-026-01 http://marc.info/?l=bugtraq&m=99258618906506&w=2 http://www.kb.cert.org/vuls/id/249579 https://exchange.xforce.ibmcloud.com/vulnerabilities/7098 •

CVSS: 2.1EPSS: 0%CPEs: 12EXPL: 1

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 http://marc.info/?l=bugtraq&m=98749102621604&w=2 http://marc.info/?l=bugtraq&m=99106787825229&w=2 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-047.php3?dis=8.0 http://www.redhat.com/support/errata/RHSA-2001-042.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6367 •

CVSS: 4.6EPSS: 0%CPEs: 13EXPL: 2

Buffer overflow in man program in various distributions of Linux allows local user to execute arbitrary code as group man via a long -S option. • https://www.exploit-db.com/exploits/20843 http://archives.neohapsis.com/archives/bugtraq/2001-05/0087.html http://www.novell.com/linux/security/advisories/2001_019_man_txt.html http://www.redhat.com/support/errata/RHSA-2001-069.html http://www.securityfocus.com/archive/1/190136 http://www.securityfocus.com/bid/2711 https://exchange.xforce.ibmcloud.com/vulnerabilities/6530 •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 http://www.redhat.com/support/errata/RHSA-2001-097.html http://www.securityfocus.com/archive/1/197727 https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 •