CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0820
https://notcve.org/view.php?id=CVE-2002-0820
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0047.html http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=d429cd2ef1d3a2b7&seekm=ai6c0q%242289%241%40FreeBSD.csie.NCTU.edu.tw#link16 http://marc.info/?l=bugtraq&m=102979180524452&w=2 •
CVSS: 7.2EPSS: 0%CPEs: 28EXPL: 0CVE-2002-0062
https://notcve.org/view.php?id=CVE-2002-0062
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling." El desbordamiento del búfer en ncurses 5.0, y el paquete de compatibilidad ncurses4 basado en él, permite a usuarios locales la obtención de privilegios. • http://www.debian.org/security/2002/dsa-113 http://www.iss.net/security_center/static/8222.php http://www.redhat.com/support/errata/RHSA-2002-020.html http://www.securityfocus.com/bid/2116 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1011
https://notcve.org/view.php?id=CVE-2000-1011
Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to gain root privileges via a long environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc http://www.osvdb.org/6070 https://exchange.xforce.ibmcloud.com/vulnerabilities/5638 •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1013
https://notcve.org/view.php?id=CVE-2000-1013
The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc •
CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0CVE-2000-1012
https://notcve.org/view.php?id=CVE-2000-1012
The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:53.catopen.asc •