CVE-2002-1490
https://notcve.org/view.php?id=CVE-2002-1490
NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a series of calls to the TIOCSCTTY ioctl, which causes an integer overflow in a structure counter and sets the counter to zero, which frees memory that is still in use by other processes. NetBSD 1.4 a la 1.6 beta permite a usuarios locales causar la Denegación de Servicios (DoS) mediante una serie de llamadas a TIOCSCTTY ioctl, lo cual provoca un desbordamiento de enteros en un contador, poniendo dicho contador a 0, liberando memoria que aún esta en uso por otros procesos. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-007.txt.asc http://www.iss.net/security_center/static/10115.php http://www.osvdb.org/7566 http://www.securityfocus.com/bid/5722 •
CVE-2002-1543
https://notcve.org/view.php?id=CVE-2002-1543
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-025.txt.asc http://www.iss.net/security_center/static/10458.php http://www.osvdb.org/7570 http://www.securityfocus.com/bid/6036 •
CVE-2002-1500
https://notcve.org/view.php?id=CVE-2002-1500
Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local users to gain privileges by executing the programs after filling the file descriptor tables, which produces file descriptors larger than FD_SETSIZE, which are not checked by FD_SET(). Desbordamiento de búfer en mrinfo, mtrace, y pppd en NetBSD 1.4.x a 1.6 permite a usuarios locales ganar privilegios ejecutando los programas despues de rellenar las tablas de descritptores de ficherros, lo que produce descriptores de ficheros mayores que FD_SETSIZE, que no son comprobados por FD_SET() • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-014.txt.asc http://www.iss.net/security_center/static/10114.php http://www.securityfocus.com/bid/5727 •
CVE-2003-0102 – File 3.x - Local Stack Overflow Code Execution
https://notcve.org/view.php?id=CVE-2003-0102
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). • https://www.exploit-db.com/exploits/22324 https://www.exploit-db.com/exploits/22325 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-003.txt.asc http://lwn.net/Alerts/34908 http://marc.info/?l=bugtraq&m=104680706201721&w=2 http://www.debian.org/security/2003/dsa-260 http://www.idefense.com/advisory/03.04.03.txt http://www.kb.cert.org/vuls/id/611865 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:030 http://www.novell.com& •
CVE-2002-1337 – Sendmail 8.11.x (Linux/i386) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2002-1337
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Desbordamiento de búfer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecución arbitraria de código mediante ciertos campos de dirección formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la función crackaddr del fichero headers.c. • https://www.exploit-db.com/exploits/411 https://www.exploit-db.com/exploits/22313 https://www.exploit-db.com/exploits/22314 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 http://frontal2. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •