CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0755
https://notcve.org/view.php?id=CVE-2002-0755
12 Aug 2002 — Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. Kerberos 5 su (k5su) en FreeBSD 4.5 y anteriores no verifican que el usuario sea miembro del grupo antes de otorgarle privilegios de superusuario, de modo podría permitir a usuarios no autorizados la ejecución de comandos como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0794
https://notcve.org/view.php?id=CVE-2002-0794
12 Aug 2002 — The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue. • http://archives.neohapsis.com/archives/freebsd/2002-05/0349.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2002-0795
https://notcve.org/view.php?id=CVE-2002-0795
12 Aug 2002 — The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0829
https://notcve.org/view.php?id=CVE-2002-0829
12 Aug 2002 — Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. • http://marc.info/?l=bugtraq&m=102865404413458&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0830
https://notcve.org/view.php?id=CVE-2002-0830
12 Aug 2002 — Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-013.txt.asc •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2002-0831
https://notcve.org/view.php?id=CVE-2002-0831
12 Aug 2002 — The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end. • http://marc.info/?l=bugtraq&m=102865142610126&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0574
https://notcve.org/view.php?id=CVE-2002-0574
03 Jul 2002 — Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2002-0381
https://notcve.org/view.php?id=CVE-2002-0381
25 Jun 2002 — The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. • ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2002-0518
https://notcve.org/view.php?id=CVE-2002-0518
11 Jun 2002 — The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. Los mecanismos SYN cache (syncache) y SYN cookie (syncookie) en FreeBSD 4.5 y anteriores, per... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc •
CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 3CVE-2002-0572 – Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure
https://notcve.org/view.php?id=CVE-2002-0572
11 Jun 2002 — FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. • https://www.exploit-db.com/exploits/21407 •