CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1871
https://notcve.org/view.php?id=CVE-2002-1871
pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains a "?" (question mark) in the (1) mode, (2) owner, or (3) group fields, which allows attackers to elevate privileges. • http://sunsolve.sun.com/search/document.do?assetkey=1-26-45693-1 http://www.iss.net/security_center/static/9544.php http://www.securityfocus.com/bid/5208 •
CVSS: 10.0EPSS: 1%CPEs: 59EXPL: 0CVE-2002-1584
https://notcve.org/view.php?id=CVE-2002-1584
Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges. • ftp://patches.sgi.com/support/free/security/advisories/20030402-01-P http://secunia.com/advisories/7899 http://sunsolve.sun.com/search/document.do?assetkey=1-26-46944-1 http://www.kb.cert.org/vuls/id/518057 http://www.securityfocus.com/bid/6484 http://www.securitytracker.com/id?1005934 https://exchange.xforce.ibmcloud.com/vulnerabilities/10935 •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2002-1296
https://notcve.org/view.php?id=CVE-2002-1296
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. • http://marc.info/?l=bugtraq&m=103842619803173&w=2 http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/49131 http://www.iss.net/security_center/static/10717.php http://www.kb.cert.org/vuls/id/683673 http://www.securityfocus.com/bid/6262 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3637 •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2002-1345
https://notcve.org/view.php?id=CVE-2002-1345
Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious FTP servers to create or overwrite files as the client user via filenames containing /absolute/path or .. (dot dot) sequences. • ftp://patches.sgi.com/support/free/security/advisories/20021205-01-A http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0102.html http://marc.info/?l=bugtraq&m=103962838628940&w=2 http://www.iss.net/security_center/static/10821.php http://www.kb.cert.org/vuls/id/210409 http://www.securityfocus.com/bid/6360 •
CVSS: 7.5EPSS: 15%CPEs: 37EXPL: 1CVE-2002-1317 – XFree86 X11R6 3.3.x - Font Server Remote Buffer Overrun
https://notcve.org/view.php?id=CVE-2002-1317
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. Desbordamiento de búfer en la rutina Dispatch() en el servidor de fuentes XFS (fs.auto) en Solaris 2.5.1 a 9 permite a atacantes remotos causar una denegación de servicio (caída) o ejecutar código arbitrario mediante una cierta petición XFS. • https://www.exploit-db.com/exploits/22036 ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21541 http://marc.info/?l=bugtraq&m=103825150527843&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/48879 http://www.cert.org/advisories/CA-2002-34.html http://www.ciac.org/ciac/bulletins/n-024.shtml http://www.iss.net/security_center/static/10375.php http://www.kb.cert.org •