CVSS: 2.1EPSS: 0%CPEs: 25EXPL: 1CVE-2002-1963
https://notcve.org/view.php?id=CVE-2002-1963
31 Dec 2002 — Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows local users to cause a denial of service (resource exhaustion) by opening 10 setuid binaries. • http://online.securityfocus.com/archive/1/281100 •
CVSS: 2.1EPSS: 0%CPEs: 66EXPL: 0CVE-2002-2254
https://notcve.org/view.php?id=CVE-2002-2254
31 Dec 2002 — The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4.19 and 2.5 up to 2.5.31, when a privileged process exits and network traffic is not being queued, may allow a later process with the same Process ID (PID) to access certain network traffic that would otherwise be restricted. • http://archives.neohapsis.com/archives/bugtraq/2002-12/0025.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 2.1EPSS: 0%CPEs: 47EXPL: 0CVE-2002-1571
https://notcve.org/view.php?id=CVE-2002-1571
31 Dec 2002 — The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. • http://linux.bkbits.net:8080/linux-2.4/diffs/arch/i386/kernel/i387.c%401.6 •
CVSS: 2.1EPSS: 0%CPEs: 31EXPL: 0CVE-2002-1319
https://notcve.org/view.php?id=CVE-2002-1319
11 Dec 2002 — The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to cause a denial of service (hang) via the emulation mode, which does not properly clear TF and NT EFLAGs. El kernel de Linux 2.4.20 y anteriores, y 2.5.x, cuando se ejecuta en sistemas x86, permite a usuarios locales causar una denegación de servicio (cuelgue) mediante el modo de emulación, que no borra adecuadamente los marcadores (flags) TF y NT EFLAGs. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000553 •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0429
https://notcve.org/view.php?id=CVE-2002-0429
12 Aug 2002 — The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall). • http://marc.info/?l=bugtraq&m=101561298818888&w=2 •
CVSS: 7.5EPSS: 1%CPEs: 7EXPL: 0CVE-2002-0704
https://notcve.org/view.php?id=CVE-2002-0704
26 Jul 2002 — The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. • http://marc.info/?l=bugtraq&m=102088521517722&w=2 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 2.1EPSS: 0%CPEs: 42EXPL: 2CVE-2002-0499 – Linux Kernel 2.2.x/2.3/2.4.x - 'd_path()' Path Truncation
https://notcve.org/view.php?id=CVE-2002-0499
11 Jun 2002 — The d_path function in Linux kernel 2.2.20 and earlier, and 2.4.18 and earlier, truncates long pathnames without generating an error, which could allow local users to force programs to perform inappropriate operations on the wrong directories. • https://www.exploit-db.com/exploits/21353 •
CVSS: 2.1EPSS: 0%CPEs: 39EXPL: 0CVE-2002-0570
https://notcve.org/view.php?id=CVE-2002-0570
11 Jun 2002 — The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. • http://archives.neohapsis.com/archives/bugtraq/2002-01/0010.html •
CVSS: 5.0EPSS: 0%CPEs: 19EXPL: 0CVE-2002-0510
https://notcve.org/view.php?id=CVE-2002-0510
11 Jun 2002 — The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. La implementación de UDP en los kernels 2.4.x de Linux mantiene el campo de identificación de IP a 0 en todos los paquetes no fragmentados, lo que permite a atacantes remotos determinar que el sistema está ejecutando Linux. • http://www.iss.net/security_center/static/8588.php •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-0060
https://notcve.org/view.php?id=CVE-2002-0060
08 Mar 2002 — IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions. El módulo de ayuda de seguimiento de conexión IRC en el subsistema netfilter en Linux 2.4.18-pre9 y anteriores no establece adecuadamente la máscara para 'conntrack' esperadas para conexiones DCC, lo que podría perimitir a atacantes remotos evitar ... • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2002:041 •