CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1270
https://notcve.org/view.php?id=CVE-2002-1270
11 Dec 2002 — Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach system call. Mac OS X 10.2.2 permite a usuarios locales la lectura de ficheros que sólo conceden acceso de escritura mediante la llamda al sistema map_fd() Mach. • http://www.info.apple.com/usen/security/security_updates.html •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1268
https://notcve.org/view.php?id=CVE-2002-1268
11 Dec 2002 — Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege Elevation via Mounting an ISO 9600 CD." Mac OS X 10.2.2 permite a usuarios locales ganar privilegios mediante un CD ISO 9600 montado. Tambíén conocida como "Elevación de privilegios de usuario montando un CD ISO 9600. • http://www.info.apple.com/usen/security/security_updates.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1267
https://notcve.org/view.php?id=CVE-2002-1267
11 Dec 2002 — Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing Web Administration utility, aka "CUPS Printing Web Administration is Remotely Accessible." • http://www.info.apple.com/usen/security/security_updates.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1269
https://notcve.org/view.php?id=CVE-2002-1269
03 Dec 2002 — Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access restricted parts of a filesystem. Vulnerabilidad desconocida en la aplicación NetInfo Manager en Mac OS X 10.2.2 permite a usuarios locales acceder a partes restringidas de un sistema de ficheros. • http://www.info.apple.com/usen/security/security_updates.html •
CVSS: 7.5EPSS: 5%CPEs: 59EXPL: 0CVE-2002-1265
https://notcve.org/view.php?id=CVE-2002-1265
12 Nov 2002 — The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). La funcionalidad RPC de Sun en múltiples implementaciones de libc no provee de un mecanismo de exceso de tiempo cuando se leen datos de conexiones TCP, lo que permite a atacantes remotos causar una denegación de servicio (cuelgue) • ftp://patches.sgi.com/support/free/security/advisories/20021103-01-P •
CVSS: 7.5EPSS: 5%CPEs: 28EXPL: 0CVE-2002-0666
https://notcve.org/view.php?id=CVE-2002-0666
25 Oct 2002 — IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors. Implementaciones de IPSEC, incluyendo FreeS/WAN y KAME no calculan adecuadamente la longitud de los datos de autenticación, lo que permite a atacantes remotos causar una denegación de servicio (kernel panic) me... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc •
CVSS: 9.8EPSS: 74%CPEs: 34EXPL: 1CVE-2002-0656 – Apache mod_ssl OpenSSL < 0.9.6d / < 0.9.7-beta2 - 'openssl-too-open.c' SSL2 KEY_ARG Overflow
https://notcve.org/view.php?id=CVE-2002-0656
31 Jul 2002 — Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3. Desbordamiento de búfer en OpenSSL 0.9.6d y anteriores, y 0.9.7-beta2 y anteriores, permite a atacantes remotos ejecutar código arbitrario mediante una clave maestra de cliente larga en SSL2 o un ID de sesión largo en SSL3 • https://www.exploit-db.com/exploits/40347 •
CVSS: 9.8EPSS: 1%CPEs: 34EXPL: 0CVE-2002-0655
https://notcve.org/view.php?id=CVE-2002-0655
31 Jul 2002 — OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. OpenSSL 0.9.6.d y anteriores, y 0.9.7-beta2 y anteriores, no manejan adecuadamente las representaciones ASCII de enteros en plataformas de 64 bits, lo que podría permitir a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario. • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-033.0.txt •
CVSS: 7.5EPSS: 12%CPEs: 34EXPL: 1CVE-2002-0659 – OpenSSL - ASN.1 Parsing
https://notcve.org/view.php?id=CVE-2002-0659
31 Jul 2002 — The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. La librería ASN1 de Open SSL 0.9.6d y anterior, y 0.9.7-beta2 y anterior, permite que atacantes remotos provoquen una denegación de servicio por medio de codificaciones inválidas. • https://www.exploit-db.com/exploits/23199 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 1CVE-2002-0676 – Apple Mac OSX 10.1.x - SoftwareUpdate Arbitrary Package Installation
https://notcve.org/view.php?id=CVE-2002-0676
11 Jul 2002 — SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates. • https://www.exploit-db.com/exploits/21596 •