CVE-2002-0755
https://notcve.org/view.php?id=CVE-2002-0755
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. Kerberos 5 su (k5su) en FreeBSD 4.5 y anteriores no verifican que el usuario sea miembro del grupo antes de otorgarle privilegios de superusuario, de modo podría permitir a usuarios no autorizados la ejecución de comandos como root. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:24.k5su.asc http://www.iss.net/security_center/static/9125.php http://www.osvdb.org/4893 http://www.securityfocus.com/bid/4777 •
CVE-2002-0795
https://notcve.org/view.php?id=CVE-2002-0795
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:27.rc.asc http://www.iss.net/security_center/static/9217.php http://www.osvdb.org/5083 http://www.securityfocus.com/bid/4880 •
CVE-2002-0391
https://notcve.org/view.php?id=CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-055.0.txt ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-011.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20020801-01-A ftp://patches.sgi.com/support/free/security/advisories/20020801-01-P http://archives.neohapsis.com/archives/aix/2002-q4/0002.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0514.html http://archives.neohapsis.com/archives/hp/2002-q3/0077.html http://bvl • CWE-190: Integer Overflow or Wraparound •
CVE-2002-0820
https://notcve.org/view.php?id=CVE-2002-0820
FreeBSD kernel 4.6 and earlier closes the file descriptors 0, 1, and 2 after they have already been assigned to /dev/null when the descriptors reference procfs or linprocfs, which could allow local users to reuse the file descriptors in a setuid or setgid program to modify critical data and gain privileges. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:23.stdio.asc http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0047.html http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&frame=right&th=d429cd2ef1d3a2b7&seekm=ai6c0q%242289%241%40FreeBSD.csie.NCTU.edu.tw#link16 http://marc.info/?l=bugtraq&m=102979180524452&w=2 •
CVE-2002-0574
https://notcve.org/view.php?id=CVE-2002-0574
Memory leak in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (memory exhaustion) via ICMP echo packets that trigger a bug in ip_output() in which the reference count for a routing table entry is not decremented, which prevents the entry from being removed. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:21.tcpip.asc http://www.iss.net/security_center/static/8893.php http://www.osvdb.org/5232 http://www.securityfocus.com/bid/4539 • CWE-401: Missing Release of Memory after Effective Lifetime •