CVSS: 7.2EPSS: 0%CPEs: 22EXPL: 3CVE-2003-0144 – BSD 'lpr' 2000.05.07/0.48/0.72 / lpr-ppd 0.72 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-0144
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. • https://www.exploit-db.com/exploits/22331 https://www.exploit-db.com/exploits/22332 ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch ftp://patches.sgi.com/support/free/security/advisories/20030406-02-P http://marc.info/?l=bugtraq&m=104690434504429&w=2 http://marc.info/?l=bugtraq&m=104714441925019&w=2 http://secunia.com/advisories/8293 http://www.debian.org/security/2003/dsa-267 http://www.debian.org/security/2003/dsa-275 http://www& •
CVSS: 5.5EPSS: 0%CPEs: 38EXPL: 0CVE-2002-1915
https://notcve.org/view.php?id=CVE-2002-1915
tip on multiple BSD-based operating systems allows local users to cause a denial of service (execution prevention) by using flock() to lock the /var/log/acculog file. • http://online.securityfocus.com/archive/1/283033 http://www.iss.net/security_center/static/9633.php http://www.securityfocus.com/bid/5265 • CWE-667: Improper Locking •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2002-2188
https://notcve.org/view.php?id=CVE-2002-2188
OpenBSD before 3.2 allows local users to cause a denial of service (kernel crash) via a call to getrlimit(2) with invalid arguments, possibly due to an integer signedness error. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.1/common/018_kernresource.patch http://www.iss.net/security_center/static/10572.php http://www.openbsd.org/errata30.html#kernresource http://www.openbsd.org/errata31.html#kernresource http://www.securityfocus.com/bid/6124 •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2002-2280
https://notcve.org/view.php?id=CVE-2002-2280
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server. • http://archives.neohapsis.com/archives/bugtraq/2002-11/0272.html http://www.securityfocus.com/bid/6219 https://exchange.xforce.ibmcloud.com/vulnerabilities/10702 • CWE-16: Configuration •
CVSS: 6.8EPSS: 0%CPEs: 12EXPL: 1CVE-2002-2180
https://notcve.org/view.php?id=CVE-2002-2180
The setitimer(2) system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.0/common/032_kerntime.patch http://www.iss.net/security_center/static/10278.php http://www.openbsd.org/plus32.html http://www.securityfocus.com/bid/5861 •