CVSS: 10.0EPSS: 25%CPEs: 111EXPL: 2CVE-2003-0161 – Sendmail 8.12.8 (BSD) - 'Prescan()' Remote Command Execution
https://notcve.org/view.php?id=CVE-2003-0161
01 Apr 2003 — The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. • https://www.exploit-db.com/exploits/24 •
CVSS: 9.8EPSS: 96%CPEs: 165EXPL: 1CVE-2003-0028
https://notcve.org/view.php?id=CVE-2003-0028
21 Mar 2003 — Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Desbordamiento de entero en la función xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representación de datos externos) derivadas de SunRPC, incluyendo l... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc •
CVSS: 10.0EPSS: 86%CPEs: 28EXPL: 4CVE-2002-1337 – Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2002-1337
07 Mar 2003 — Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Desbordamiento de búfer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecución arbitraria de código mediante ciertos campos de dirección formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la función crackaddr del fichero heade... • https://www.exploit-db.com/exploits/411 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 91EXPL: 0CVE-2003-0064
https://notcve.org/view.php?id=CVE-2003-0064
03 Mar 2003 — The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. El emulador de terminal dtterm permite a atacantes modificar el título de la ventana mediante una cierta secuencia de carácter de escape, y a continuación insertarlo de nuevo en la linea de comandos del... • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0093.html •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2003-1078
https://notcve.org/view.php?id=CVE-2003-1078
28 Feb 2003 — The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. • http://secunia.com/advisories/8186 •
CVSS: 6.5EPSS: 2%CPEs: 8EXPL: 0CVE-2003-0058
https://notcve.org/view.php?id=CVE-2003-0058
19 Feb 2003 — MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. MIT Kerberos V5 Key Distribution Center (KDC) anteriores a 1.2.5 permite a atacantes autenticados remotamente causar una denegación de servicio (caída) en KDCs en el mismo dominio mediante una cierta petición de protocolo que causa una desreferencia nula. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000639 •
CVSS: 7.5EPSS: 5%CPEs: 9EXPL: 0CVE-2003-1079
https://notcve.org/view.php?id=CVE-2003-1079
18 Feb 2003 — Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. • http://secunia.com/advisories/8092 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2003-1080
https://notcve.org/view.php?id=CVE-2003-1080
11 Feb 2003 — Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. • http://secunia.com/advisories/8058 •
CVSS: 7.5EPSS: 90%CPEs: 10EXPL: 1CVE-2003-0027 – Solaris KCMS + TTDB Arbitrary File Read
https://notcve.org/view.php?id=CVE-2003-0027
07 Feb 2003 — Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. Vulnerabilidad de atravesamiento de directorios en el demonio servidor de Sun Kodak Color Management System (KMCS) (kcms_server) permite a atacantes remotos leer ficheros arbitrarios mediante el procedimiento KCS_OPEN_PROFILE • https://packetstorm.news/files/id/180772 •
CVSS: 7.5EPSS: 5%CPEs: 8EXPL: 0CVE-2003-1075
https://notcve.org/view.php?id=CVE-2003-1075
27 Jan 2003 — Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. • http://secunia.com/advisories/7968 •