Page 2 of 50 results (0.007 seconds)

CVSS: 7.2EPSS: 1%CPEs: 47EXPL: 0

CVE-2002-0678

https://notcve.org/view.php?id=CVE-2002-0678

CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P http://archives.neohapsis.com/archives/aix/2002-q3/0002.html http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.iss.net/security_center/static/9527.php http://www.kb.cert.org/vuls/id/299816 http://www.securityfocus.com/bid/5083 http://www1.itrc.hp •

CVSS: 7.5EPSS: 0%CPEs: 46EXPL: 0

CVE-2002-0677

https://notcve.org/view.php?id=CVE-2002-0677

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https:/&#x •

CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 5

CVE-2001-1583 – Solaris 10 LPD - Arbitrary File Delete

https://notcve.org/view.php?id=CVE-2001-1583

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220. • https://www.exploit-db.com/exploits/1167 https://www.exploit-db.com/exploits/9921 https://www.exploit-db.com/exploits/16322 https://www.exploit-db.com/exploits/21097 http://marc.info/?l=bugtraq&m=99929694701826&w=2 http://metasploit.com/projects/Framework/modules/exploits/solaris_lpd_exec.pm http://www.derkeiler.com/Mailing-Lists/securityfocus/incidents/2001-08/0490.html http://www.osvdb.org/15131 http://www.securityfocus.com/bid/3274 https://exchange.xforce.ibmcloud.co • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 10.0EPSS: 97%CPEs: 43EXPL: 9

CVE-2001-0797 – System V Derived /bin/login - Extraneous Arguments Buffer Overflow

https://notcve.org/view.php?id=CVE-2001-0797

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 https://www.exploit-db.com/exploits/346 https://www.exploit-db.com/exploits/716 https://www.exploit-db.com/exploits/57 https://www.exploit-db.com/exploits/9917 https://www.exploit-db.com/exploits/16327 https://www.exploit-db.com/exploits/10036 https://www.exploit-db.com/exploits/21179 ftp://patches.sgi.com/support/free/security/advisories/20011201-01-I ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.40/ •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2

CVE-2001-0652 – Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow

https://notcve.org/view.php?id=CVE-2001-0652

Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable. • https://www.exploit-db.com/exploits/21058 https://www.exploit-db.com/exploits/21059 http://marc.info/?l=bugtraq&m=99745571104126&w=2 http://www.securityfocus.com/bid/3160 https://exchange.xforce.ibmcloud.com/vulnerabilities/6967 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A131 •