CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 3CVE-2002-0572 – Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure
https://notcve.org/view.php?id=CVE-2002-0572
FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. • https://www.exploit-db.com/exploits/21407 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0033.html http://online.securityfocus.com/archive/1/268970 http://online.securityfocus.com/archive/1/269102 http://www.ciac.org/ciac/bulletins/m-072.shtml http://www.iss.net/security_center/static/8920.php http://www.kb.cert.org/vuls/id/809347 http://www.osvdb.org/6095 http://www.secu •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2002-0514
https://notcve.org/view.php?id=CVE-2002-0514
PF in OpenBSD 3.0 with the return-rst rule sets the TTL to 128 in the RST packet, which allows remote attackers to determine if a port is being filtered because the TTL is different than the default TTL. PF en OpenBSD 3.0 con la regla return-rst establece el TTL (Time to Live) a 128 en el paquete RST, lo que permite a atacantes remotos determinar si un puerto está siendo filtrado porque el TTL es diferente del de por defecto. • http://www.iss.net/security_center/static/8738.php http://www.securityfocus.com/archive/1/265188 http://www.securityfocus.com/bid/4401 • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0557
https://notcve.org/view.php?id=CVE-2002-0557
Vulnerability in OpenBSD 3.0, when using YP with netgroups in the password database, causes (1) rexec or (2) rsh to run another user's shell, or (3) atrun to change to a different user's directory, possibly due to memory allocation failures or an incorrect call to auth_approval(). • http://www.iss.net/security_center/static/8625.php http://www.openbsd.org/errata30.html#approval http://www.securityfocus.com/bid/4338 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2001-1559 – OpenBSD 2.x/3.0 - User Mode Return Value Denial of Service
https://notcve.org/view.php?id=CVE-2001-1559
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of versus rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference. • https://www.exploit-db.com/exploits/21167 http://archives.neohapsis.com/archives/bugtraq/2001-12/0014.html http://monkey.org/openbsd/archive/tech/0112/msg00015.html http://www.iss.net/security_center/static/7690.php • CWE-476: NULL Pointer Dereference •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1415
https://notcve.org/view.php?id=CVE-2001-1415
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.9/common/016_recover.patch http://www.kb.cert.org/vuls/id/191675 https://exchange.xforce.ibmcloud.com/vulnerabilities/10149 •