CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •
CVSS: 7.2EPSS: 0%CPEs: 46EXPL: 2CVE-2002-0004 – AT 3.1.8 - Formatted Time Heap Overflow
https://notcve.org/view.php?id=CVE-2002-0004
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice. Corrupción de memoria en el comando "at" permite que usuarios locales ejecuten código arbitrario haciendo uso de un tiempo de ejecución mal escrito (lo que provoca que at libere la misma memoria dos veces). • https://www.exploit-db.com/exploits/21229 http://marc.info/?l=bugtraq&m=101128661602088&w=2 http://marc.info/?l=bugtraq&m=101147632721031&w=2 http://online.securityfocus.com/advisories/3833 http://online.securityfocus.com/advisories/3969 http://www.debian.org/security/2002/dsa-102 http://www.novell.com/linux/security/advisories/2002_003_at_txt.html http://www.redhat.com/support/errata/RHSA-2002-015.html http://www.securityfocus.com/bid/3886 https://exchange.xforce. •