CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2002-0435
https://notcve.org/view.php?id=CVE-2002-0435
26 Jul 2002 — Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0389 – mailman: Local users able to read private mailing list archives
https://notcve.org/view.php?id=CVE-2002-0389
18 Jun 2002 — Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. It was found that mailman stored private email messages in a world-readable directory. A local user could use this flaw to read private mailing list archives. Mailman is a program used to help manage e-mail discussion lists. It was found that mailman did not sanitize the list name before passing it to certain MTAs. • http://marc.info/?l=bugtraq&m=101902003314968&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2002-0388 – GNU Mailman 2.0.x - Admin Login Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0388
31 May 2002 — Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. • https://www.exploit-db.com/exploits/21480 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0178
https://notcve.org/view.php?id=CVE-2002-0178
29 May 2002 — uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands. uudecode, como aparece en el paquete sharutils anteriores a 4.2.1, no comprueba si el nombre del fichero o el fichero uu-codificado es una tubería o un enlace simbólico, lo que podría permitir a atacantes sobreescribir ficheros o ejecutar comandos. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-040.0.txt •
CVSS: 8.4EPSS: 6%CPEs: 1EXPL: 0CVE-2002-0204
https://notcve.org/view.php?id=CVE-2002-0204
03 May 2002 — Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its own design as a single-user application, may allow local or remote attackers to execute arbitrary code via a long command. Desbordamiento de buffer en GNU Chess (gnuchess) 5.02 y anteriores, si modificado o usado en una capacidad de red contraria a su propio diseño como aplicación monousuario, puede permitir a atacantes remotos y locales ejecutar código arbitrario mediante un comando largo. • http://marc.info/?l=bugtraq&m=101189688815514&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 3CVE-2002-1602 – GNU Screen 3.9.x Braille Module - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1602
23 Apr 2002 — Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code. • https://www.exploit-db.com/exploits/21414 •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
08 Mar 2002 — Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 4%CPEs: 40EXPL: 0CVE-2001-1376
https://notcve.org/view.php?id=CVE-2001-1376
04 Mar 2002 — Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data. • http://archives.neohapsis.com/archives/linux/suse/2002-q2/0362.html •
CVSS: 7.5EPSS: 0%CPEs: 40EXPL: 0CVE-2001-1377
https://notcve.org/view.php?id=CVE-2001-1377
04 Mar 2002 — Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific attribute, which allows remote attackers to cause a denial of service (crash) via a Vendor-Length that is less than 2. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:02.asc •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0003
https://notcve.org/view.php?id=CVE-2002-0003
27 Feb 2002 — Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system. Desbordamiento de buffer en el preprocesador de groff 1.16 y anteriores permite que un atacante obtenga privilegios de lpd en el sistema de impresión LPRng • http://online.securityfocus.com/advisories/3793 •