CVSS: 4.6EPSS: 0%CPEs: 18EXPL: 0CVE-2002-0973
https://notcve.org/view.php?id=CVE-2002-0973
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. • http://marc.info/?l=bugtraq&m=102976839728706&w=2 http://www.iss.net/security_center/static/9903.php http://www.securityfocus.com/bid/5493 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0830
https://notcve.org/view.php?id=CVE-2002-0830
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-013.txt.asc http://marc.info/?l=bugtraq&m=102865517214722&w=2 http://www.info.apple.com/usen/security/security_updates.html http://www.osvdb.org/5072 http://www.securityfocus.com/bid/5402 https://exchange.xforce.ibmcloud.com/vulnerabilities/9772 •
CVSS: 7.2EPSS: 0%CPEs: 13EXPL: 0CVE-2002-0754
https://notcve.org/view.php?id=CVE-2002-0754
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them. Kerberos 5 su (k5su) en FreeBSD 4.4 y anteriores se basa en la llamada al sistema getlogin para determinar si el usuario que esta ejecutando k5su es root, lo cual podría permitir a procesos sin privilegios, la obtención de permisos si ese proceso tiene un getlogin como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:07.k5su.asc http://www.iss.net/security_center/static/7956.php http://www.securityfocus.com/bid/3919 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0829
https://notcve.org/view.php?id=CVE-2002-0829
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system. • http://marc.info/?l=bugtraq&m=102865404413458&w=2 http://www.iss.net/security_center/static/9771.php http://www.osvdb.org/5073 http://www.securityfocus.com/bid/5399 •
CVSS: 10.0EPSS: 82%CPEs: 10EXPL: 4CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •