CVE-2002-1199
https://notcve.org/view.php?id=CVE-2002-1199
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. El procedimiento getdbm en ypxfrd permite a usuarios locales leer ficheros arbitrarios, y a atacantes remotos leer bases de datos fuera de /var/yp, mediante ataques de atravesamiento de directorios y de enlaces simbólicos en los argumentos de dominio y mapa. • ftp://ftp.caldera.com/pub/updates/OpenServer/CSSA-2002-SCO.40 http://marc.info/?l=bugtraq&m=103426842025029&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/47903 http://www.iss.net/security_center/static/10329.php http://www.kb.cert.org/vuls/id/538033 http://www.securityfocus.com/bid/5937 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2423 •
CVE-2001-0797 – System V Derived /bin/login - Extraneous Arguments Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0797
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 https://www.exploit-db.com/exploits/346 https://www.exploit-db.com/exploits/716 https://www.exploit-db.com/exploits/57 https://www.exploit-db.com/exploits/9917 https://www.exploit-db.com/exploits/16327 https://www.exploit-db.com/exploits/10036 https://www.exploit-db.com/exploits/21179 ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/ •
CVE-2001-0554 – Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0554
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2001-0115 – Solaris 7/8-beta - ARP Local Overflow
https://notcve.org/view.php?id=CVE-2001-0115
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. • https://www.exploit-db.com/exploits/250 http://marc.info/?l=bugtraq&m=97934312727101&w=2 http://marc.info/?l=bugtraq&m=97957435729702&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/200&type=0&nav=sec.sba http://www.securityfocus.com/bid/2193 https://exchange.xforce.ibmcloud.com/vulnerabilities/5928 •
CVE-2000-0471 – Solaris 2.5/2.6/7.0/8 ufsrestore - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2000-0471
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname. • https://www.exploit-db.com/exploits/20014 http://archives.neohapsis.com/archives/bugtraq/2000-06/0114.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/210 http://www.kb.cert.org/vuls/id/36866 http://www.osvdb.org/1398 http://www.securityfocus.com/bid/1348 https://exchange.xforce.ibmcloud.com/vulnerabilities/4711 •