8 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0

ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions. ProFTPD 1.2.9 trata las directivas Permitir y Denegar para ACLS basadas en CIDR como si fueran AllowAll (Permitir Todo), lo que podría permitir a clientes FTP saltarse las restricciones de acceso pretendidas. • http://bugs.proftpd.org/show_bug.cgi?id=2267 http://marc.info/?l=bugtraq&m=108335030208523&w=2 http://marc.info/?l=bugtraq&m=108335051011341&w=2 http://secunia.com/advisories/11527 http://www.mandriva.com/security/advisories?name=MDKSA-2004:041 http://www.securityfocus.com/bid/10252 https://exchange.xforce.ibmcloud.com/vulnerabilities/16038 •

CVSS: 7.5EPSS: 35%CPEs: 31EXPL: 0

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. Desbordamiento de búfer en el montón en rsync anteriores a 2.5.7, cuando se ejecuta en modo servidor, permite a atacantes remotos ejecutar código arbitrario y posiblemente escapar del confinamiento chroot. • ftp://patches.sgi.com/support/free/security/advisories/20031202-01-U http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000794 http://marc.info/?l=bugtraq&m=107055681311602&w=2 http://marc.info/?l=bugtraq&m=107055684711629&w=2 http://marc.info/?l=bugtraq&m=107055702911867&w=2 http://marc.info/? •

CVSS: 2.1EPSS: 0%CPEs: 31EXPL: 0

The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. El kernel de Linux 2.4.20 y anteriores, y 2.5.x, cuando se ejecuta en sistemas x86, permite a usuarios locales causar una denegación de servicio (cuelgue) mediante el modo de emulación, que no borra adecuadamente los marcadores (flags) TF y NT EFLAGs. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553 http://marc.info/?l=bugtraq&m=103714004623587&w=2 http://marc.info/?l=bugtraq&m=103737292709297&w=2 http://rhn.redhat.com/errata/RHSA-2002-262.html http://rhn.redhat.com/errata/RHSA-2002-264.html http://www.redhat.com/support/errata/RHSA-2002-263.html http://www.securityfocus.com/bid/6115 https://exchange.xforce.ibmcloud.com/vulnerabilities/10576 https://access.redhat.com/security/cve/CVE-2002-1319 h •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •

CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0

Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-031-01 http://www.calderasystems.com/support/security/advisories/CSSA-2001-029.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-066.php3 http://www.redhat.com/support/errata/RHSA-2001-097.html http://www.securityfocus.com/archive/1/197727 https://exchange.xforce.ibmcloud.com/vulnerabilities/6862 •