CVE-2002-0796
https://notcve.org/view.php?id=CVE-2002-0796
Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges. • http://marc.info/?l=bugtraq&m=102321107714554&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/219 http://www.iss.net/security_center/static/9241.php http://www.securityfocus.com/bid/4932 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A114 •
CVE-2002-0678
https://notcve.org/view.php?id=CVE-2002-0678
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021101-01-P http://archives.neohapsis.com/archives/aix/2002-q3/0002.html http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.iss.net/security_center/static/9527.php http://www.kb.cert.org/vuls/id/299816 http://www.securityfocus.com/bid/5083 http://www1.itrc.hp •
CVE-2002-0677
https://notcve.org/view.php?id=CVE-2002-0677
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al procedimiento AUTH_UNIX, que es usado como índice de tabla en el procedimiento _TT_ISCLOSE. • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt ftp://patches.sgi.com/support/free/security/advisories/20021102-02-P http://marc.info/?l=bugtraq&m=102635906423617&w=2 http://www.cert.org/advisories/CA-2002-20.html http://www.kb.cert.org/vuls/id/975403 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1099 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15 https:/ •
CVE-2002-0573
https://notcve.org/view.php?id=CVE-2002-0573
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0049.html http://online.securityfocus.com/archive/1/270268 http://www.cert.org/advisories/CA-2002-10.html http://www.iss.net/security_center/static/8971.php http://www.kb.cert.org/vuls/id/638099 http://www.osvdb.org/778 http://www.securityfocus.com/bid/4639 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A41 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre •
CVE-2002-0436 – Solaris 7.0/8 Sunsolve CD - SSCD_SunCourier.pl CGI Script Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2002-0436
sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. • https://www.exploit-db.com/exploits/21340 http://www.iss.net/security_center/static/8435.php http://www.securityfocus.com/archive/1/261544 http://www.securityfocus.com/bid/4269 •