Page 26 of 192 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 27EXPL: 0

CVE-2002-0836

https://notcve.org/view.php?id=CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts. El conversor dvips para ficheros Postscript en el paquete tetex llama a la función system() de forma insegura, lo que permite a atacantes ejecutar comandos arbitrarios mediante ciertos trabajos de impresión, posiblemente conteniendo fuentes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 http://marc.info/?l=bugtraq&m=103497852330838&w=2 http://marc.info/?l=bugtraq&m=104005975415582&w=2 http://www.debian.org/security/2002/dsa-207 http://www.iss.net/security_center/static/10365.php http://www.kb.cert.org/vuls/id/169841 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php http://www.redhat.com/support/errata/RHSA-2002-194.html http://www.redhat.com/support/errat •

CVSS: 6.2EPSS: 0%CPEs: 29EXPL: 0

CVE-2002-0638

https://notcve.org/view.php?id=CVE-2002-0638

setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se modifica /etc/passwd, lo que puede permitir a usuarios locales ganar privilegios mediante una compleja condición de carrera que usa un descriptor de fichero abierto en utilidades como chfn y chsh. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt http://archives.neohapsis.com/archives/bugtraq/2002-07/0357.html http://archives.neohapsis.com/archives/bugtraq/2002-07/0396.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000523 http://marc.info/?l=bugtraq&m=102795787713996&w=2 http://online.securityfocus.com/advisories/4320 http://rhn.redhat.com/errata/RHSA-2002-132.html http://www.iss.net/security_center/static/9709.php http://www.kb&# •

CVSS: 7.2EPSS: 0%CPEs: 12EXPL: 0

CVE-2002-0506

https://notcve.org/view.php?id=CVE-2002-0506

Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt. Desbordamiento de buffer en newt.c de la librería de ventanas newt (libnewt) 0.50.33 y anteriores que podría permitir a atacantes causar una denegación de servicio o ejecutar código arbitrario en programas que usen libnewt. • http://online.securityfocus.com/archive/1/264699 http://www.iss.net/security_center/static/8700.php http://www.securityfocus.com/bid/4393 •

CVSS: 2.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2002-0080

https://notcve.org/view.php?id=CVE-2002-0080

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed. rsync no llama adecuadamente a 'setgroups' antes de establecer los permisos, lo cual podría proveer de ciertos privilegios de grupo a usuarios locales, los cuales podrían leer ciertos ficheros que de otro modo les estarían vetados. • http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt http://www.iss.net/security_center/static/8463.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3 http://www.redhat.com/support/errata/RHSA-2002-026.html http://www.securityfocus.com/bid/4285 https://access.redhat.com/security/cve/CVE-2002-0080 https://bugzilla.redhat.com/show_bug.cgi?id=1616738 • CWE-269: Improper Privilege Management •

CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1

CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One

https://notcve.org/view.php?id=CVE-2002-0083

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnw • CWE-193: Off-by-one Error •