CVSS: 9.8EPSS: 74%CPEs: 34EXPL: 1CVE-2002-0656 – Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow
https://notcve.org/view.php?id=CVE-2002-0656
31 Jul 2002 — Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. Desbordamiento de búfer en OpenSSL 0.9.6d y anteriores, y 0.9.7-beta2 y anteriores, permite a atacantes remotos ejecutar código arbitrario mediante una clave maestra de cliente larga en SSL2 o un ID de sesión largo en SSL3 • https://www.exploit-db.com/exploits/40347 •
CVSS: 7.5EPSS: 12%CPEs: 34EXPL: 1CVE-2002-0659 – OpenSSL - ASN.1 Parsing
https://notcve.org/view.php?id=CVE-2002-0659
31 Jul 2002 — The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. La librería ASN1 de Open SSL 0.9.6d y anterior, y 0.9.7-beta2 y anterior, permite que atacantes remotos provoquen una denegación de servicio por medio de codificaciones inválidas. • https://www.exploit-db.com/exploits/23199 •
CVSS: 9.8EPSS: 1%CPEs: 34EXPL: 0CVE-2002-0655
https://notcve.org/view.php?id=CVE-2002-0655
31 Jul 2002 — OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. OpenSSL 0.9.6.d y anteriores, y 0.9.7-beta2 y anteriores, no manejan adecuadamente las representaciones ASCII de enteros en plataformas de 64 bits, lo que podría permitir a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 1CVE-2002-0676 – Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation
https://notcve.org/view.php?id=CVE-2002-0676
11 Jul 2002 — SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. • https://www.exploit-db.com/exploits/21596 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2001-1565
https://notcve.org/view.php?id=CVE-2001-1565
31 Dec 2001 — Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command. • http://www.iss.net/security_center/static/7750.php •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2001-0720
https://notcve.org/view.php?id=CVE-2001-0720
06 Dec 2001 — Internet Explorer 5.1 for Macintosh on Mac OS X allows remote attackers to execute arbitrary commands by causing a BinHex or MacBinary file type to be downloaded, which causes the files to be executed if automatic decoding is enabled. • http://www.ciac.org/ciac/bulletins/m-013.shtml •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2001-0806
https://notcve.org/view.php?id=CVE-2001-0806
06 Dec 2001 — Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. • http://marc.info/?l=bugtraq&m=99358249631139&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 4CVE-2001-1447
https://notcve.org/view.php?id=CVE-2001-1447
17 Oct 2001 — NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges. • http://archives.neohapsis.com/archives/bugtraq/2001-10/0121.html •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 2CVE-2001-0766 – Apache 1.3.14 - Mac File Protection Bypass
https://notcve.org/view.php?id=CVE-2001-0766
12 Oct 2001 — Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters. • https://www.exploit-db.com/exploits/20911 • CWE-178: Improper Handling of Case Sensitivity •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2001-1446
https://notcve.org/view.php?id=CVE-2001-1446
11 Sep 2001 — Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0085.html •