CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0755
https://notcve.org/view.php?id=CVE-2002-0755
12 Aug 2002 — Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. Kerberos 5 su (k5su) en FreeBSD 4.5 y anteriores no verifican que el usuario sea miembro del grupo antes de otorgarle privilegios de superusuario, de modo podría permitir a usuarios no autorizados la ejecución de comandos como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0820
https://notcve.org/view.php?id=CVE-2002-0820
02 Aug 2002 — FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2002-0701
https://notcve.org/view.php?id=CVE-2002-0701
23 Jul 2002 — ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. ktrace en sistemas opertativos basados en BSD permite al propietario de un proceso con privilegios especiales trazar el proceso después de que sus privilegios han sido bajados, lo que puede permitir al propietario obtener infor... • http://marc.info/?l=bugtraq&m=102650797504351&w=2 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0574
https://notcve.org/view.php?id=CVE-2002-0574
03 Jul 2002 — Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2002-0381
https://notcve.org/view.php?id=CVE-2002-0381
25 Jun 2002 — The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address. • ftp://patches.sgi.com/support/free/security/advisories/20030604-01-I •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0CVE-2002-0518
https://notcve.org/view.php?id=CVE-2002-0518
11 Jun 2002 — The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. Los mecanismos SYN cache (syncache) y SYN cookie (syncookie) en FreeBSD 4.5 y anteriores, per... • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:20.syncache.asc •
CVSS: 7.2EPSS: 0%CPEs: 15EXPL: 3CVE-2002-0572 – Apple Mac OSX 10.x / FreeBSD 4.x / OpenBSD 2.x / Solaris 2.5/2.6/7.0/8 - 'exec C Library' Standard I/O File Descriptor Closure
https://notcve.org/view.php?id=CVE-2002-0572
11 Jun 2002 — FreeBSD 4.5 and earlier, and possibly other BSD-based operating systems, allows local users to write to or read from restricted files by closing the file descriptors 0 (standard input), 1 (standard output), or 2 (standard error), which may then be reused by a called setuid process that intended to perform I/O on normal files. • https://www.exploit-db.com/exploits/21407 •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
08 Mar 2002 — Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 2CVE-2002-0004 – AT 3.1.8 - Formatted Time Heap Overflow
https://notcve.org/view.php?id=CVE-2002-0004
27 Feb 2002 — Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. Corrupción de memoria en el comando "at" permite que usuarios locales ejecuten código arbitrario haciendo uso de un tiempo de ejecución mal escrito (lo que provoca que at libere la misma memoria dos veces). • https://www.exploit-db.com/exploits/21229 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2001-1185 – FreeBSD 4.4 - AIO Library Cross Process Memory Write
https://notcve.org/view.php?id=CVE-2001-1185
10 Dec 2001 — Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges. Algunas operaciones AIO en FreeBSD 4.4 podrían ser retrasadas hasta la llamada a execve, lo cual, podría permitir a usuarios locales la sobreescritura en memorioa de nuevos procesos y la obtención de privilegios. • https://www.exploit-db.com/exploits/21176 •